CVE-2026-43341

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A flaw exists in the ioam6 fill trace data() function where the schema contribution to the trace length is stored in a u8 (an 8-bit unsigned integer). When bit 22 is enabled and the largest schema payload is used, the sclen variable wraps from 256 to 0, bypassing the remaining-space check. Consequently, the ioam6 fill trace data() function positions the write cursor without reserving the necessary schema area but still copies the 4-byte schema header and the full schema payload, leading to a trace buffer overrun.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.