PatchSiren cyber security CVE debrief
CVE-2026-43035 Linux CVE debrief
A vulnerability was found in the Linux kernel's net: sched: cls_api. The tc_chain_fill_node function did not initialize the tcm_info field of struct tcmsg, leading to a potential info-leak of 4 bytes of kernel heap memory to userspace. The vulnerability has been patched. Linux kernel versions 4.19 through 7.0 rc6 are potentially affected. Users of these versions should review and apply patches provided by Linux kernel maintainers.
- Vendor
- Linux
- Product
- Unknown
- CVSS
- MEDIUM 5.5
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-05-01
- Original CVE updated
- 2026-07-14
- Advisory published
- 2026-05-01
- Advisory updated
- 2026-07-14
Who should care
Users of Linux kernel versions 4.19 through 7.0 rc6 should review and apply patches provided by Linux kernel maintainers. Security teams and vulnerability management teams should prioritize patching and monitor for potential exploitation attempts.
Technical summary
The tc_chain_fill_node function in the Linux kernel's net: sched: cls_api did not initialize the tcm_info field of struct tcmsg. This could lead to 4 bytes of kernel heap memory being leaked to userspace when building netlink messages. The fix involves zeroing tcm_info alongside other already initialized fields. Linux kernel versions 4.19 through 7.0 rc6 are potentially affected. Users of these versions should review and apply patches provided by Linux kernel maintainers to prevent potential info-leaks. Security teams should prioritize patching and monitor for potential exploitation attempts. It is essential to verify patch application and kernel versions to ensure the vulnerability is fully remediated.
Defensive priority
Medium priority due to potential for info-leak
Recommended defensive actions
- Apply patches provided by Linux kernel maintainers
- Review and update Linux kernel versions to ensure patched versions are used
- Monitor for potential exploitation attempts
- Verify patch application and kernel versions
- Review compensating controls for exposed systems
- Check relevant monitoring, detection, and logs for exposed assets
- Track exceptions and retest remediated assets
Evidence notes
The CVE record was published on 2026-05-01T15:16:48.147Z and last modified on 2026-07-14T13:18:53.267Z. Multiple patches are available for various Linux kernel versions. Linux kernel versions 4.19 through 7.0 rc6 are potentially affected. Users should verify their kernel versions and apply patches as necessary. The vulnerability has been patched, but defenders should verify patch application and monitor for potential exploitation attempts.
Official resources
-
CVE-2026-43035 CVE record
CVE.org
-
CVE-2026-43035 NVD detail
NVD
-
Source item URL
nvd_modified
-
Mitigation or vendor reference
416baaa9-dc9f-4396-8d5f-8c081fb06d67 - Patch
-
Mitigation or vendor reference
416baaa9-dc9f-4396-8d5f-8c081fb06d67 - Patch
-
Mitigation or vendor reference
416baaa9-dc9f-4396-8d5f-8c081fb06d67 - Patch
-
Mitigation or vendor reference
416baaa9-dc9f-4396-8d5f-8c081fb06d67 - Patch
-
Mitigation or vendor reference
416baaa9-dc9f-4396-8d5f-8c081fb06d67 - Patch
-
Mitigation or vendor reference
416baaa9-dc9f-4396-8d5f-8c081fb06d67 - Patch
-
Mitigation or vendor reference
416baaa9-dc9f-4396-8d5f-8c081fb06d67 - Patch
AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-05-01T15:16:48.147Z and has not been modified since then.