{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-43030", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2026-05-01T14:12:55.977Z", "datePublished": "2026-05-01T14:15:30.564Z", "dateUpdated": "2026-05-01T14:15:30.564Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2026-05-01T14:15:30.564Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fix regsafe() for pointers to packet\n\nIn case rold->reg->range == BEYOND_PKT_END && rcur->reg->range == N\nregsafe() may return true which may lead to current state with\nvalid packet range not being explored. Fix the bug."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["kernel/bpf/verifier.c"], "versions": [{"version": "95b6ec733752b31bfd166c4609d2c1b5cdde9b47", "lessThan": "b52f6d0ef7b308f9d05bbddb78749852f28e8e40", "status": "affected", "versionType": "git"}, {"version": "6d94e741a8ff818e5518da8257f5ca0aaed1f269", "lessThan": "37db6b9726d0bcf91cbdf9d63b558c50da49f968", "status": "affected", "versionType": "git"}, {"version": "6d94e741a8ff818e5518da8257f5ca0aaed1f269", "lessThan": "015a74476dc1ab6923d89f1ee009aaf43faa7185", "status": "affected", "versionType": "git"}, {"version": "6d94e741a8ff818e5518da8257f5ca0aaed1f269", "lessThan": "b99d82706bd1511bb875e3de7154698fd9215c99", "status": "affected", "versionType": "git"}, {"version": "6d94e741a8ff818e5518da8257f5ca0aaed1f269", "lessThan": "7241da033fdc507b920e092dab1f97b945cb0370", "status": "affected", "versionType": "git"}, {"version": "6d94e741a8ff818e5518da8257f5ca0aaed1f269", "lessThan": "8aebe18069394f4a79d2d82080a0f806da449996", "status": "affected", "versionType": "git"}, {"version": "6d94e741a8ff818e5518da8257f5ca0aaed1f269", "lessThan": "ca995b1462ec6db1e869100ba1fb7356bd3f22f0", "status": "affected", "versionType": "git"}, {"version": "6d94e741a8ff818e5518da8257f5ca0aaed1f269", "lessThan": "a8502a79e832b861e99218cbd2d8f4312d62e225", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["kernel/bpf/verifier.c"], "versions": [{"version": "5.11", "status": "affected"}, {"version": "0", "lessThan": "5.11", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.253", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.203", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.168", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.134", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.12.81", "lessThanOrEqual": "6.12.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.18.22", "lessThanOrEqual": "6.18.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.19.12", "lessThanOrEqual": "6.19.*", "status": "unaffected", "versionType": "semver"}, {"version": "7.0", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.10.155", "versionEndExcluding": "5.10.253"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.11", "versionEndExcluding": "5.15.203"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.11", "versionEndExcluding": "6.1.168"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.11", "versionEndExcluding": "6.6.134"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.11", "versionEndExcluding": "6.12.81"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.11", "versionEndExcluding": "6.18.22"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.11", "versionEndExcluding": "6.19.12"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.11", "versionEndExcluding": "7.0"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/b52f6d0ef7b308f9d05bbddb78749852f28e8e40"}, {"url": "https://git.kernel.org/stable/c/37db6b9726d0bcf91cbdf9d63b558c50da49f968"}, {"url": "https://git.kernel.org/stable/c/015a74476dc1ab6923d89f1ee009aaf43faa7185"}, {"url": "https://git.kernel.org/stable/c/b99d82706bd1511bb875e3de7154698fd9215c99"}, {"url": "https://git.kernel.org/stable/c/7241da033fdc507b920e092dab1f97b945cb0370"}, {"url": "https://git.kernel.org/stable/c/8aebe18069394f4a79d2d82080a0f806da449996"}, {"url": "https://git.kernel.org/stable/c/ca995b1462ec6db1e869100ba1fb7356bd3f22f0"}, {"url": "https://git.kernel.org/stable/c/a8502a79e832b861e99218cbd2d8f4312d62e225"}], "title": "bpf: Fix regsafe() for pointers to packet", "x_generator": {"engine": "bippy-1.2.0"}}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fix regsafe() for pointers to packet\n\nIn case rold->reg->range == BEYOND_PKT_END && rcur->reg->range == N\nregsafe() may return true which may lead to current state with\nvalid packet range not being explored. Fix the bug."}], "id": "CVE-2026-43030", "lastModified": "2026-05-01T15:24:14.893", "metrics": {}, "published": "2026-05-01T15:16:47.557", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/015a74476dc1ab6923d89f1ee009aaf43faa7185"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/37db6b9726d0bcf91cbdf9d63b558c50da49f968"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/7241da033fdc507b920e092dab1f97b945cb0370"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/8aebe18069394f4a79d2d82080a0f806da449996"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/a8502a79e832b861e99218cbd2d8f4312d62e225"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/b52f6d0ef7b308f9d05bbddb78749852f28e8e40"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/b99d82706bd1511bb875e3de7154698fd9215c99"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/ca995b1462ec6db1e869100ba1fb7356bd3f22f0"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Awaiting Analysis"}

{"bugzilla": {"description": "kernel: bpf: Fix regsafe() for pointers to packet", "id": "2464384", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2464384"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-372", "details": ["A flaw was found in the Linux kernel's Berkeley Packet Filter (BPF) subsystem. A logic error in the `regsafe()` function, specifically when handling pointers to packets, could lead to an incorrect state where valid packet ranges are not properly explored. This vulnerability may allow an attacker to bypass certain security checks or cause unexpected system behavior."], "name": "CVE-2026-43030", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Fix deferred", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Fix deferred", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Fix deferred", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2026-05-01T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-43030\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-43030\nhttps://lore.kernel.org/linux-cve-announce/2026050100-CVE-2026-43030-58b8@gregkh/T"], "threat_severity": "Low"}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[95b6ec733752b31bfd166c4609d2c1b5cdde9b47,b52f6d0ef7b308f9d05bbddb78749852f28e8e40)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[6d94e741a8ff818e5518da8257f5ca0aaed1f269,37db6b9726d0bcf91cbdf9d63b558c50da49f968)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[6d94e741a8ff818e5518da8257f5ca0aaed1f269,015a74476dc1ab6923d89f1ee009aaf43faa7185)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[6d94e741a8ff818e5518da8257f5ca0aaed1f269,b99d82706bd1511bb875e3de7154698fd9215c99)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[6d94e741a8ff818e5518da8257f5ca0aaed1f269,7241da033fdc507b920e092dab1f97b945cb0370)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[6d94e741a8ff818e5518da8257f5ca0aaed1f269,8aebe18069394f4a79d2d82080a0f806da449996)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[6d94e741a8ff818e5518da8257f5ca0aaed1f269,ca995b1462ec6db1e869100ba1fb7356bd3f22f0)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[6d94e741a8ff818e5518da8257f5ca0aaed1f269,a8502a79e832b861e99218cbd2d8f4312d62e225)"}}], "enrichment": {"confidence": 99.0, "confidence_source": "inferred", "scores": [{"score": 99.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "Linux", "source": "cna", "vendor": "Linux"}, "product": "linux_kernel", "vendor": "linux"}], "created": "2026-05-01T19:30:23.529703+00:00", "updated": "2026-05-01T23:15:29.811316+00:00", "vendors": ["linux", "linux$PRODUCT$linux_kernel"], "weaknesses": ["CWE-20"]}