PatchSiren cyber security CVE debrief
CVE-2026-43219 Linux CVE debrief
A vulnerability was found in the Linux kernel's net: cpsw_new. The issue arises when an error occurs during register_netdev() for the first MAC in cpsw_register_ports(). This can cause cpsw_unregister_ports() to attempt to unregister the second MAC, which has not been registered yet. To fix this, a check for ndev->reg_state before calling unregister_netdev() was added.
- Vendor
- Linux
- Product
- Unknown
- CVSS
- MEDIUM 5.5
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-05-06
- Original CVE updated
- 2026-06-09
- Advisory published
- 2026-05-06
- Advisory updated
- 2026-06-09
Who should care
Users of the Linux kernel, particularly those using versions between 5.5 and 6.18.16, or 6.19 up to 6.19.6, should be aware of this vulnerability.
Technical summary
The vulnerability has a CVSS score of 5.5 and a severity of MEDIUM. The CVSS vector is CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H. The CWE is NVD-CWE-noinfo.
Defensive priority
MEDIUM
Recommended defensive actions
- Apply patches from the Linux kernel repository [ref-5], [ref-6], [ref-7], [ref-4].
- Update to a Linux kernel version outside the vulnerable ranges: before 5.5 or 6.18.16 and later, or 6.19.6 and later.
Evidence notes
The CVE record [cve-org] and NVD detail [nvd] provide official information about the vulnerability.
Official resources
-
CVE-2026-43219 CVE record
CVE.org
-
CVE-2026-43219 NVD detail
NVD
-
Source item URL
nvd_modified
-
Source reference
416baaa9-dc9f-4396-8d5f-8c081fb06d67
-
Mitigation or vendor reference
416baaa9-dc9f-4396-8d5f-8c081fb06d67 - Patch
-
Mitigation or vendor reference
416baaa9-dc9f-4396-8d5f-8c081fb06d67 - Patch
-
Mitigation or vendor reference
416baaa9-dc9f-4396-8d5f-8c081fb06d67 - Patch
CVE-2026-43219 was published on 2026-05-06 and modified on 2026-06-09.