CVE-2026-43496

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A kernel panic can occur in the Linux kernel when a Random Early Detection (RED) queueing discipline (qdisc) has children, such as a Fair Queueing (FQ) qdisc, whose peek() callback is qdisc peek dequeued(). The issue arises when a parent qdisc attempts to retrieve a socket buffer (skb) from its child. After a successful peek() operation, the subsequent dequeue() call on the RED qdisc triggers a null-pointer dereference in the qfq dequeue() function because it attempts to grab a packet from the queue instead of retrieving the already peeked gso skb queue packet.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.