CVE-2026-43190

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description An out-of-bounds read exists in the TCP option parser within the net/netfilter/xt tcpmss.c file. The issue occurs when the code reads op[i+1] without validating the remaining option length. If the last byte of the option field is not EOL (End of List) or NOP (No Operation), the system may access memory beyond the optlen boundary, potentially reading past the opt stack buffer or the subsequent payload.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.