CVE-2026-43502

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description An issue exists in the Reliable Delivery Service (RDS) implementation where zerocopy send operations can fail after user pages are pinned but before the message is attached to the sending socket. The cleanup process incorrectly infers the zerocopy state from rm->m rs, which may lead to unqueued messages being cleaned up as if they contained normal payload pages. Zerocopy ownership is actually determined by the presence of op mmp znotifier. This inconsistency occurs during early send failure cleanup before the message reaches the socket queue.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.