PatchSiren

CVE-2026-43445 Linux CVE debrief

CVE-2026-43445 is a Linux kernel availability issue in the e1000/e1000e TX DMA error cleanup path. When buffer mapping fails after one or more successful mappings, the driver should unmap the buffers already mapped for that skb. The reported bug changes the cleanup count incorrectly, so exactly one DMA mapping can leak when an error is reached. The issue was introduced after a prior infinite-loop fix in the TX map error path and is addressed by the kernel patches referenced by NVD.

Vendor: Linux
Product: Unknown
CVSS: MEDIUM 5.5
CISA KEV: Not listed in stored evidence
Original CVE published: 2026-05-08
Original CVE updated: 2026-05-21
Advisory published: 2026-05-08
Advisory updated: 2026-05-21

Who should care

Linux kernel maintainers, distro kernel teams, and operators of systems that use Intel e1000/e1000e network drivers should pay attention. Systems running affected kernel releases from the NVD ranges, especially those relying on these drivers for network connectivity, are the primary audience for remediation. The note in the source also flags igbvf as potentially still affected and worth reviewing.

Technical summary

The vulnerability is in DMA error cleanup for TX buffer mapping in e1000/e1000e. On a mapping failure, the driver must unwind any already-mapped buffers for the current skb. The source description says the cleanup loop’s count handling is off by one, which can leave one DMA mapping unfreed when at least one mapping succeeded before the failing mapping. NVD classifies the weakness as CWE-401 (memory leak) and rates the issue CVSS 3.1 5.5/MEDIUM with local attack conditions and high availability impact.
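
The off-by-one described above, as a simplified userspace model added here for illustration; it is not the e1000/e1000e driver code or the upstream patch. The ring size, the function name and the exact form of the miscount (one success dropped from the tally before the unwind loop runs) are assumptions of the model.

```c
#include <stdbool.h>
#include <stdio.h>

#define RING 8                      /* hypothetical TX ring size */

static bool mapped[RING];           /* stands in for "slot holds a live DMA mapping" */

/* Model: map nfrags buffers for one skb starting at ring slot `first`;
 * buffer number `fail_at` (0-based) fails to map. Returns how many slots
 * are still mapped after the error path has run, i.e. the leak. */
static int tx_map_model(int first, int nfrags, int fail_at, bool buggy)
{
    int i = first, count = 0;

    for (int s = 0; s < RING; s++)
        mapped[s] = false;

    for (int f = 0; f < nfrags; f++) {
        if (f == fail_at)
            goto dma_error;
        mapped[i] = true;           /* mapping succeeded */
        count++;
        i = (i + 1) % RING;         /* advance, wrapping at the ring end */
    }
    return 0;                       /* everything mapped, nothing to unwind */

dma_error:
    /* Assumed shape of the defect: one success is dropped from the tally,
     * so the unwind loop visits count - 1 slots instead of count. */
    if (buggy && count)
        count--;
    while (count--) {               /* walk back over the mapped slots */
        i = (i == 0) ? RING - 1 : i - 1;
        mapped[i] = false;          /* unmap */
    }

    int leaked = 0;
    for (int s = 0; s < RING; s++)
        leaked += mapped[s];
    return leaked;
}

int main(void)
{
    printf("miscounted unwind, fail at buffer 3: %d leaked\n", tx_map_model(6, 5, 3, true));
    printf("correct unwind,    fail at buffer 3: %d leaked\n", tx_map_model(6, 5, 3, false));
    printf("miscounted unwind, fail at buffer 0: %d leaked\n", tx_map_model(6, 5, 0, true));
    return 0;
}
```

The leak appears only when at least one mapping succeeded before the failure, and it is always exactly one slot regardless of how many buffers were mapped, which matches the behaviour the source description reports.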

Defensive priority

Medium. The issue is not remote and does not affect confidentiality or integrity in the supplied assessment, but it can degrade availability through a kernel-level DMA resource leak. Prioritize remediation for systems that depend on the affected network drivers and for kernels that fall within the published vulnerable version ranges.

Recommended defensive actions

  • Apply the referenced Linux kernel patches or take the first vendor kernel release that includes them.
  • Verify whether your kernel build includes the e1000/e1000e DMA cleanup fix, especially if it was backported into a distro kernel.
  • Inventory systems using Intel e1000/e1000e drivers and review whether igbvf is present, since the source notes it may still share the issue.
  • Use the NVD version ranges to check exposure across your supported kernel branches before scheduling updates.
  • After patching, confirm the updated kernel is deployed across all affected hosts and reboot where required.

Evidence notes

The vulnerability details come from the supplied NVD record and its referenced kernel patches. NVD lists the issue as analyzed, with CWE-401 and CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H. The NVD CPE ranges mark affected Linux kernel branches from 2.6.33.1 through 5.10.253, 5.11 through 5.15.203, 5.16 through 6.1.167, 6.2 through 6.6.130, 6.7 through 6.12.78, 6.13 through 6.18.19, and 6.19 through 6.19.9. The source description explicitly says the bug is in e1000/e1000e DMA error cleanup and that igbvf may still be affected.

Official resources

Published 2026-05-08 and modified 2026-05-21, per the supplied CVE timeline. Use the published date for disclosure timing; do not infer any earlier issue date from later generation or review activity.