PT-2026-37426 · Linux · Linux Kernel
Published: 2026-05-06 · Updated: 2026-05-08
CVE-2026-43116
CVSS v3.1: 7.8 (High)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
Linux kernel (affected versions not specified)
Description
A flaw in the netfilter ctnetlink component allows for unsafe access to the master conntrack object. Holding a reference to the expectation is insufficient because the master conntrack object can be removed, rendering exp->master invalid. This occurs during the delete expectation command, the get expectation command, and during the delivery of the IPEXP_NEW event, where the master conntrack event cache is accessed via exp->master.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
RCE
Race Condition
Affected Products
Linux Kernel