CVE-2026-43303

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description Certain subsystems, including slub, shmem, and ttm, fail to clear the page->private variable before freeing pages. When these pages are subsequently allocated as high-order pages and split through the split page() function, the tail pages retain stale values in page->private. This leads to a use-after-free condition in the swap subsystem, as the swap code assumes freshly allocated pages have a page->private value of 0. Consequently, the swap count continued() function may incorrectly identify a valid continuation list and iterate over uninitialized page->lru values containing LIST POISON, resulting in a system crash.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.