CVE-2026-43042

Published: Mag 01, 2026 Last Modified: Mag 03, 2026
ExploitDB:
Other exploit source:
Google Dorks:
HIGH 7,1
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Attack Vector: local
Attack Complexity: low
Privileges Required: low
User Interaction: none
Scope: unchanged
Confidentiality: high
Integrity: none
Availability: high

Description

AI Translation Available

In the Linux kernel, the following vulnerability has been resolved:

mpls: add seqcount to protect the platform_label{,s} pair

The RCU-protected codepaths (mpls_forward, mpls_dump_routes) can have
an inconsistent view of platform_labels vs platform_label in case of a
concurrent resize (resize_platform_label_table, under
platform_mutex). This can lead to OOB accesses.

This patch adds a seqcount, so that we get a consistent snapshot.

Note that mpls_label_ok is also susceptible to this, so the check
against RTA_DST in rtm_to_route_config, done outside platform_mutex,
is not sufficient. This value gets passed to mpls_label_ok once more
in both mpls_route_add and mpls_route_del, so there is no issue, but
that additional check must not be removed.

EPSS (Exploit Prediction Scoring System)

Trend Analysis

EPSS (Exploit Prediction Scoring System)

Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.

EPSS Score
0,0001
Percentile
0,0th
Updated

EPSS Score Trend (Last 2 Days)

https://git.kernel.org/stable/c/5bb3caf0bbfb56f1a00d2af072a…
https://git.kernel.org/stable/c/5bb3caf0bbfb56f1a00d2af072ac3d8395a3b9ef
https://git.kernel.org/stable/c/629ec78ef8608d955ce217880cd…
https://git.kernel.org/stable/c/629ec78ef8608d955ce217880cdc3e1873af3a15