PatchSiren

CVE-2026-43241 Linux CVE debrief

CVE-2026-43241 is a Linux kernel memory-safety issue in ntb_hw_switchtec. The supplied advisory text says the number of MW LUTs depends on NTB configuration and may be set to MAX_MWS, which could lead to an invalid index into mw_sizes. The fix adds bounds protection and reports an invalid configuration when access would go out of range.

Vendor: Linux
Product: CVE-2026-43241
CVSS: HIGH 7.1
CISA KEV: Not listed in stored evidence
Original CVE published: 2026-05-06
Original CVE updated: 2026-05-11
Advisory published: 2026-05-06
Advisory updated: 2026-05-11

Who should care

Linux kernel maintainers, distro security teams, and operators running affected Linux kernel versions with Switchtec NTB support should care, especially where the ntb_hw_switchtec path is enabled in production or embedded deployments.

Technical summary

NVD maps this issue to CWE-125 and a CVSS 3.1 vector of AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H. The vulnerability is described as an array-index-out-of-bounds access in ntb_hw_switchtec, specifically around mw_sizes when the configured number of MW LUTs can reach MAX_MWS. The supplied metadata includes multiple kernel.org patch references, indicating the issue was fixed through upstream/stable kernel patches. NVD lists affected Linux kernel ranges ending before 5.10.252, 5.15.202, 6.1.165, 6.6.128, 6.12.75, 6.18.16, and 6.19.6.

Defensive priority

High. This is a kernel memory-safety flaw with potential confidentiality and availability impact, and it affects a broad set of Linux kernel release lines. Patch and verify any systems that include the ntb_hw_switchtec driver and Switchtec NTB hardware support.

Recommended defensive actions

  • Identify systems running affected Linux kernel versions and check whether the ntb_hw_switchtec driver is present or enabled.
  • Upgrade to a kernel release at or above the fixed versions listed by NVD for your branch.
  • Apply the referenced kernel.org patches or vendor backports where full kernel upgrades are not immediately possible.
  • Review any NTB/Switchtec deployments for configurations that could reach MAX_MWS and validate that the updated bounds checks are present.
  • Track downstream vendor advisories for backported fixes that correspond to this CVE.
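
The first two actions above can be scripted per host. The following is an added example, not code from the advisory or from the kernel project. It assumes each version NVD lists is the first fixed release of its own major.minor stable series, and it compares upstream version numbers only, so a vendor kernel carrying a backport can still be reported as below the fixed release. The function names and status strings are made up for this example.

```python
import os
import platform
import re

# First fixed release per stable series, taken from the NVD ranges on this page.
FIXED = {(5, 10): 252, (5, 15): 202, (6, 1): 165, (6, 6): 128,
         (6, 12): 75, (6, 18): 16, (6, 19): 6}
MODULE = "ntb_hw_switchtec"


def kernel_status(release):
    """Classify a `uname -r` string against the fixed versions above."""
    m = re.match(r"(\d+)\.(\d+)(?:\.(\d+))?", release)
    if not m:
        return "unparsed"
    series = (int(m.group(1)), int(m.group(2)))
    patch = int(m.group(3) or 0)
    if series not in FIXED:
        # Assumption: a series NVD does not list needs a manual/vendor check.
        return "series-not-listed"
    return "fixed" if patch >= FIXED[series] else "below-fixed"


def driver_state(release, root="/"):
    """Report whether the driver is loaded, built in, on disk, or absent."""
    # /sys/module/<name> exists for loaded modules (and some built-in ones).
    if os.path.isdir(os.path.join(root, "sys/module", MODULE)):
        return "loaded"
    moddir = os.path.join(root, "lib/modules", release)
    try:
        with open(os.path.join(moddir, "modules.builtin")) as fh:
            if any(MODULE + ".ko" in line for line in fh):
                return "builtin"
    except OSError:
        pass  # no modules.builtin for this release; fall through to the walk
    for _, _, files in os.walk(moddir):
        # Matches compressed modules too (.ko.xz, .ko.zst, .ko.gz).
        if any(f.startswith(MODULE + ".ko") for f in files):
            return "on-disk"
    return "absent"


def triage(release, root="/"):
    return kernel_status(release), driver_state(release, root)


if __name__ == "__main__":
    rel = platform.release()
    print(rel, *triage(rel))
```

A host that reports "below-fixed" or "series-not-listed" together with any driver state other than "absent" is the one to check against the vendor's advisory for this CVE.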

Evidence notes

All factual claims are based on the supplied NVD record and its linked official kernel.org patch references. The CVE was published at 2026-05-06T12:16:44.460Z and modified at 2026-05-11T14:26:10.567Z. NVD marks the vulnerability status as Analyzed and assigns CWE-125. The supplied reference list includes multiple official patch URLs on git.kernel.org/stable, supporting that fixes were published in kernel branches. No KEV entry was provided in the supplied corpus.

Official resources

Publicly disclosed in the NVD record on 2026-05-06 and updated on 2026-05-11. No CISA KEV entry was provided in the supplied data.