Cyber Resilience

CVE-2026-43028

High

Published: 01 May 2026

Published
01 May 2026
Modified
08 May 2026
KEV Added
Patch
CVSS Score v3.1 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
EPSS Score 0.0001 3.6th percentile
Risk Priority 14 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2026-43028 is a high-severity an unspecified weakness vulnerability in Linux Linux Kernel. Its CVSS base score is 7.1 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Credential Access (T1212); ranked at the 3.6th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2026-43028 affects the Linux kernel's netfilter x_tables component. The vulnerability arises when names lacking a null terminator (\0) character are passed to functions expecting C-strings, potentially leading to improper handling or memory issues. Published on 2026-05-01, it carries a CVSS v3.1 base score of 7.1 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H).

A local attacker with low privileges can exploit this vulnerability with low attack complexity and no user interaction. Successful exploitation enables high-impact outcomes on confidentiality, such as unauthorized access to sensitive kernel memory, and availability, potentially causing denial of service through crashes or resource exhaustion.

Mitigation is available via patches in Linux kernel stable trees, as detailed in the referenced commits: https://git.kernel.org/stable/c/673bbd36cba21d10a10f0932f479df7468e26fbb, https://git.kernel.org/stable/c/73124608172890306b85f2206d8b3cac20e324f1, https://git.kernel.org/stable/c/a958a4f90ddd7de0800b33ca9d7b886b7d40f74e, https://git.kernel.org/stable/c/aa6cd4a8863391e0a64f62d8922cb0af732a2cf2, and https://git.kernel.org/stable/c/bcac50ea0a29d430eedc5ac87b215393b567baa9. These commits reject non-null-terminated names and address the most recent "Fixes" tagged changes; affected systems should update to kernels incorporating these patches.

EU & UK References

Vulnerability details

In the Linux kernel, the following vulnerability has been resolved: netfilter: x_tables: ensure names are nul-terminated Reject names that lack a \0 character before feeding them to functions that expect c-strings. Fixes tag is the most recent commit that needs…

more

this change.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1212 Exploitation for Credential Access Credential Access
Adversaries may exploit software vulnerabilities in an attempt to collect credentials.
T1499.004 Application or System Exploitation Impact
Adversaries may exploit software vulnerabilities that can cause an application or system to crash and deny availability to users.
Why these techniques?

Local kernel vulnerability enables exploitation for credential access via sensitive memory disclosure and endpoint DoS via system crashes or resource exhaustion.

Confidence: MEDIUM · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2026-31674Same product: Linux Linux Kernel
CVE-2025-21743Same product: Linux Linux Kernel
CVE-2026-31679Same product: Linux Linux Kernel
CVE-2026-31484Same product: Linux Linux Kernel
CVE-2026-31568Same product: Linux Linux Kernel
CVE-2026-23327Same product: Linux Linux Kernel
CVE-2026-31774Same product: Linux Linux Kernel
CVE-2026-23325Same product: Linux Linux Kernel
CVE-2026-43042Same product: Linux Linux Kernel
CVE-2024-57945Same product: Linux Linux Kernel

Affected Assets

linux
linux kernel
7.0 · 4.5 — 5.10.253 · 5.11 — 5.15.203 · 5.16 — 6.1.168

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Requires timely identification, reporting, and patching of kernel flaws like the netfilter x_tables null-termination issue to prevent exploitation.

prevent

Mandates validation of information inputs such as non-null-terminated names before processing by kernel functions expecting C-strings.

prevent

Implements memory protections like ASLR and non-executable memory to mitigate unauthorized kernel memory access and crashes from improper string handling.

References