PatchSiren cyber security CVE debrief
CVE-2026-43440 Linux CVE debrief
CVE-2026-43440 is a Linux kernel use-after-free in the net/mana code path. The issue comes from a setup error path in mana_gd_setup() where the workqueue pointer was not cleared after destroy_workqueue(), creating a mismatch with cleanup logic and a risk of double-destroy or stale-pointer use after a failed setup. NVD rates the issue HIGH with local attack requirements and references kernel patches as the fix.
- Vendor: Linux
- Product: Unknown
- CVSS: HIGH 7.8
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2026-05-08
- Original CVE updated: 2026-05-21
- Advisory published: 2026-05-08
- Advisory updated: 2026-05-21
Who should care
Linux kernel maintainers, distro security teams, and operators of systems running affected kernel versions—especially hosts using the mana driver or related networking paths—should treat this as a priority update item.
Technical summary
NVD maps CVE-2026-43440 to CWE-416 (use after free) and rates it CVSS 3.1 7.8/High (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H). The affected ranges listed by NVD are Linux kernel 6.18.16 through 6.18.18, 6.19.6 through 6.19.8, plus 7.0-rc2 and 7.0-rc3. The vendor description says the fix is to set gc->service_wq to NULL after destroy_workqueue() in the mana_gd_setup() error path so later checks do not see a freed pointer.
Defensive priority
High. This is a kernel memory-safety issue with meaningful confidentiality, integrity, and availability impact, and the fix is already reflected in official kernel patch references.
Recommended defensive actions
- Identify Linux systems running kernels in the affected NVD ranges and prioritize them for patching.
- Apply the vendor/stable kernel fixes referenced by the official kernel.org patch links.
- Upgrade to a kernel version outside the affected ranges listed by NVD.
- Verify whether your fleet uses the mana networking driver and focus validation there first.
- After updating, confirm the running kernel is actually the patched build (compare the reported kernel version against the fixed release rather than assuming the package install took effect), so that the mana_gd_setup() setup and cleanup paths in use are the corrected ones.
Evidence notes
Evidence is limited to the official CVE/NVD record and kernel.org patch references supplied in the source corpus. NVD marks the vulnerability as analyzed, assigns CWE-416, and lists three official patch references. The CVE description states the fix is to null gc->service_wq after destroy_workqueue() in mana_gd_setup() to prevent a use-after-free when setup fails.
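The technical summary and evidence notes above describe the same defect: an error path in mana_gd_setup() destroys gc->service_wq but leaves the pointer in place, so a later cleanup that checks "is the pointer set?" destroys the queue a second time. To make that pattern concrete, here is an added, constructed C example that is not the kernel's mana code and not from the advisory. The workqueue stand-in (wq_sim, wq_create, wq_destroy), the context struct (gc_sim), and the routines setup_sim, cleanup_sim and stale_destroys_after_failed_setup are all names introduced here for illustration; the pool-based stand-in exists so that a destroy of an already-destroyed queue is counted rather than being undefined behaviour.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* Constructed stand-in for the kernel's workqueue object (not the real
 * struct): objects come from a fixed pool so that a destroy of an already
 * destroyed queue can be detected instead of being undefined behaviour. */
struct wq_sim {
    bool alive;
};

#define WQ_POOL_SIZE 4
static struct wq_sim wq_pool[WQ_POOL_SIZE];
static size_t wq_next;
static int stale_destroys;   /* destroys issued against a dead queue */

static void wq_reset(void)
{
    for (size_t i = 0; i < WQ_POOL_SIZE; i++)
        wq_pool[i].alive = false;
    wq_next = 0;
    stale_destroys = 0;
}

/* Stand-in for create_workqueue(); returns NULL when the pool is exhausted. */
static struct wq_sim *wq_create(void)
{
    if (wq_next >= WQ_POOL_SIZE)
        return NULL;
    struct wq_sim *wq = &wq_pool[wq_next++];
    wq->alive = true;
    return wq;
}

/* Stand-in for destroy_workqueue(): after this the object must not be
 * touched again; a second destroy is the bug class the CVE describes. */
static void wq_destroy(struct wq_sim *wq)
{
    if (!wq->alive)
        stale_destroys++;
    wq->alive = false;
}

/* Minimal analogue of the driver context: only the field the CVE names. */
struct gc_sim {
    struct wq_sim *service_wq;
};

/* Setup with an error path shaped like the one in the advisory: the queue
 * is created, a later step fails, and the error path destroys the queue.
 * The buggy variant leaves the freed pointer behind; the fixed one clears it. */
static int setup_sim(struct gc_sim *gc, bool later_step_fails, bool fixed)
{
    gc->service_wq = wq_create();
    if (!gc->service_wq)
        return -1;

    if (later_step_fails) {
        wq_destroy(gc->service_wq);
        if (fixed)
            gc->service_wq = NULL;  /* the fix: cleanup must not see a freed queue */
        return -1;
    }
    return 0;
}

/* Teardown that destroys the queue only when the pointer is set, which is
 * the "later check" the advisory says a stale pointer would fool. */
static void cleanup_sim(struct gc_sim *gc)
{
    if (gc->service_wq) {
        wq_destroy(gc->service_wq);
        gc->service_wq = NULL;
    }
}

/* Runs a failed setup followed by cleanup and reports how many destroys hit
 * an already-destroyed queue: 1 for the buggy pattern, 0 once fixed. */
int stale_destroys_after_failed_setup(bool fixed)
{
    struct gc_sim gc = { .service_wq = NULL };
    wq_reset();
    (void)setup_sim(&gc, true, fixed);
    cleanup_sim(&gc);
    return stale_destroys;
}

int main(void)
{
    printf("buggy error path: %d stale destroy(s)\n",
           stale_destroys_after_failed_setup(false));
    printf("fixed error path: %d stale destroy(s)\n",
           stale_destroys_after_failed_setup(true));
    return 0;
}
```

The point of the simulation is the invariant the fix restores: a pointer field that teardown code tests for non-NULL must be cleared in every path that frees what it points to, including early-exit error paths, otherwise the ownership assumption of the cleanup code and the actual object lifetime disagree.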
Official resources
- CVE-2026-43440 CVE record (CVE.org)
- CVE-2026-43440 NVD detail (NVD)
- Source item URL: nvd_modified
- Mitigation or vendor reference: 416baaa9-dc9f-4396-8d5f-8c081fb06d67 - Patch (the NVD record lists three kernel.org patch references under this tag)
Officially published in the CVE/NVD record on 2026-05-08 and last modified on 2026-05-21. The public record cites kernel patch references as remediation evidence.