PT-2026-36456 · Linux · Linux Kernel

Published 2026-03-25 · Updated 2026-05-13 · CVE-2026-43039

CVSS v2.0: 10 (Critical)

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

Linux kernel (affected versions not specified)

Description

An issue exists in the emac_dispatch_skb_zc() function, where a new skb is allocated via napi_alloc_skb() but the packet data from the XDP buffer is not copied into it. As a result, the skb is passed up the stack containing uninitialized heap memory, which leaks kernel heap contents to userspace. Additionally, calling skb_mark_for_recycle() on an skb backed by the NAPI page frag allocator rather than by a page pool causes pages to be returned to an incorrect page pool, corrupting the page pool state.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Weakness Enumeration

Related Identifiers

BDU:2026-07833
CVE-2026-43039

Affected Products

Linux Kernel