CVE-2026-43070

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description An issue exists in the BPF (Berkeley Packet Filter) verifier where the dst reg->id is not reset to 0 during a BPF END (byte swap) operation. When a register undergoes this operation, its scalar value is mutated in-place. If the register shared a scalar ID with another register, the failure to break this tie allows the verifier to incorrectly propagate learned bounds to the linked register during a conditional jump. This can lead to false confidence in the register's value, potentially enabling out-of-bounds memory accesses.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.