CVE-2026-43088

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description An issue exists in the PF KEY export paths where pfkey sockaddr size() is used to reserve sockaddr payload space, resulting in IPv6 addresses occupying 32 bytes. However, the pfkey sockaddr fill() function only initializes the first 28 bytes of struct sockaddr in6, leaving the final 4 aligned bytes uninitialized. This affects export paths that append aligned sockaddr payloads using skb put(), specifically within SADB ACQUIRE, SADB X NAT T NEW MAPPING, and SADB X MIGRATE.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.