Cyber Resilience

CVE-2026-43452

High

Published: 08 May 2026

Published
08 May 2026
Modified
21 May 2026
KEV Added
Patch
CVSS Score v3.1 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
EPSS Score 0.0044 35.5th percentile
Risk Priority 55 floored blend · peak EPSS

Summary

CVE-2026-43452 is a high-severity an unspecified weakness vulnerability in Linux Linux Kernel. Its CVSS base score is 8.2 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked at the 35.5th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

EU & UK References

Vulnerability details

In the Linux kernel, the following vulnerability has been resolved: netfilter: x_tables: guard option walkers against 1-byte tail reads When the last byte of options is a non-single-byte option kind, walkers that advance with i += op[i + 1] ?…

more

: 1 can read op[i + 1] past the end of the option area. Add an explicit i == optlen - 1 check before dereferencing op[i + 1] in xt_tcpudp and xt_dccp option walkers.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1068 Exploitation for Privilege Escalation Privilege Escalation
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
T1499.004 Application or System Exploitation Impact
Adversaries may exploit software vulnerabilities that can cause an application or system to crash and deny availability to users.
Why these techniques?

OOB read in netfilter xt_tcpudp/xt_dccp option parsing enables kernel exploitation for local privilege escalation or system DoS via crafted packets.

Confidence: MEDIUM · MITRE ATT&CK Enterprise v19.0

Affected Assets

linux
linux kernel
7.0 · 2.6.16 — 5.10.253 · 5.11 — 5.15.203 · 5.16 — 6.1.167

Mitigating Controls

No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.

References