CVE-2026-43089
xfrm_user: fix info leak in build_mapping()
In the Linux kernel, the following vulnerability has been resolved:
xfrm_user: fix info leak in build_mapping()
struct xfrm_usersa_id has a one-byte padding hole after the proto
field, which ends up never getting set to zero before copying out to
userspace. Fix that up by zeroing out the whole structure before
setting individual variables.
Productos afectados
Linux · Linux¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →Referencias
https://git.kernel.org/stable/c/1beb76b2053b68c491b78370794b8ff63c8f8c02https://git.kernel.org/stable/c/521385cbd50ca9474396d88462fcdfa6489685d9https://git.kernel.org/stable/c/5a1a4b049ddde41466ccac0daeec326254b133f2https://git.kernel.org/stable/c/700c9622b23c33b5933e6dcea816492c064e4e10https://git.kernel.org/stable/c/72a8de41c3eb4dcf22bf3b674ea38fb2f75d6f32https://git.kernel.org/stable/c/c2779ae9a3e5a044e5ccd564681511bbbcc5fc0fhttps://git.kernel.org/stable/c/d3125c541a96fb3c0fc7210112684baf22b6c24dhttps://git.kernel.org/stable/c/f779a6b6cdb6e12baa0663063ac59ab2a8f20c0c