CVE-2026-43030
Description
In the Linux kernel, the following vulnerability has been resolved:
bpf: Fix regsafe() for pointers to packet
In case rold->reg->range == BEYOND_PKT_END && rcur->reg->range == N regsafe() may return true which may lead to current state with valid packet range not being explored. Fix the bug.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
In the Linux kernel, a BPF verifier bug in regsafe() could incorrectly compare packet pointers, leading to unexplored valid states and potential memory safety issues.
Vulnerability
Description
CVE-2026-43030 is a vulnerability in the Linux kernel's BPF (Berkeley Packet Filter) verifier. The flaw resides in the regsafe() function, which determines whether a register state is equivalent to a previously verified state. When comparing pointers to packet data, if rold->range is BEYOND_PKT_END and rcur->range is a normal value (N), regsafe() could incorrectly return true. The current state is then treated as already visited, so the verifier does not explore paths where the packet pointer has a valid range [1].
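The comparison described above, as an added user-space model (not kernel code and not the upstream patch). The struct, the function names, the sample ranges, the value -1 for BEYOND_PKT_END and the hardened rule are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stdio.h>

/* Negative sentinel; the value -1 is an assumption of this model. */
#define BEYOND_PKT_END (-1)

/* Constructed stand-in for the single register field compared here. */
struct pkt_reg {
    int range; /* bytes proven readable past the pointer, or a sentinel */
};

/* Model of the flawed check: the cached state (rold) is accepted as
 * covering the current one (rcur) whenever rcur has at least as much
 * range. A negative sentinel in rold is below every real range N. */
static bool range_safe_flawed(const struct pkt_reg *rold,
                              const struct pkt_reg *rcur)
{
    return rold->range <= rcur->range;
}

/* Hardened model (assumption, not the upstream patch): a sentinel is
 * not a byte count, so it only matches the identical sentinel. */
static bool range_safe_hardened(const struct pkt_reg *rold,
                                const struct pkt_reg *rcur)
{
    if (rold->range < 0 || rcur->range < 0)
        return rold->range == rcur->range;
    return rold->range <= rcur->range;
}

int main(void)
{
    /* Constructed (old, current) range pairs. */
    const struct pkt_reg pairs[][2] = {
        { { BEYOND_PKT_END }, { 8 } },              /* case from the CVE text */
        { { 8 }, { 16 } },                          /* current has more range */
        { { 16 }, { 8 } },                          /* current has less range */
        { { BEYOND_PKT_END }, { BEYOND_PKT_END } }, /* same sentinel */
    };
    for (size_t i = 0; i < sizeof(pairs) / sizeof(pairs[0]); i++)
        printf("old=%d cur=%d flawed=%d hardened=%d\n",
               pairs[i][0].range, pairs[i][1].range,
               range_safe_flawed(&pairs[i][0], &pairs[i][1]),
               range_safe_hardened(&pairs[i][0], &pairs[i][1]));
    return 0;
}
```

Only the first pair differs between the two models: the flawed check lets a cached BEYOND_PKT_END state stand in for a current state with a real range, which is the pruning decision the description says should not happen.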
Exploitation
Prerequisites
Exploitation requires the ability to load and execute BPF programs, which typically requires CAP_BPF or root privileges. The attacker must craft a specific BPF program that triggers the erroneous comparison in the verifier. No user interaction or network access is needed; the attack is local with low complexity.
Impact
If exploited, an attacker could bypass BPF verifier safety checks, potentially leading to out-of-bounds memory access or other memory corruption issues. This could allow privilege escalation or system compromise. The CVSS v3 score is 7.8 (High), reflecting high impacts on confidentiality, integrity, and availability [2].
Mitigation
Patches have been applied to the stable Linux kernel tree. Users should update to a kernel version containing the fix, which is referenced in commits such as [1], [2], [3], and [4]. No workarounds are documented; upgrading is the recommended action.
AI Insight generated on May 18, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
8 (+ 7 more)
- (no CPE)
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (range: >=5.10.155,<5.10.253)
- cpe:2.3:o:linux:linux_kernel:7.0:rc1:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:7.0:rc2:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:7.0:rc3:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:7.0:rc4:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:7.0:rc5:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:7.0:rc6:*:*:*:*:*:*
Patches
0: No patches discovered yet.