CVE-2026-43422

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A NULL pointer dereference occurs in the legacy NCM driver within the gncm bind() function. This issue arises because the driver attempts to access the net device before it is fully instantiated, following a change that deferred the allocation of the net device to align its lifecycle with the bind/unbind process.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.