CVE-2026-43100

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A NULL pointer dereference exists in the bridge component when CONFIG BRIDGE VLAN FILTERING is not set. In this configuration, the functions br vlan group() and nbp vlan group() return NULL. The BR BOOLOPT FDB LOCAL VLAN 0 toggle code can reach the functions br fdb delete locals per vlan port() and br fdb insert locals per vlan port(), where the NULL vlan group pointer is dereferenced during a list iteration. This issue can be triggered when creating a bridge with IFLA BR MULTI BOOLOPT containing BR BOOLOPT FDB LOCAL VLAN 0 via RTM NEWLINK.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.