Description

In the Linux kernel, the following vulnerability has been resolved: mpls: add seqcount to protect the platform_label{,s} pair The RCU-protected codepaths (mpls_forward, mpls_dump_routes) can have an inconsistent view of platform_labels vs platform_label in case of a concurrent resize (resize_platform_label_table, under platform_mutex). This can lead to OOB accesses. This patch adds a seqcount, so that we get a consistent snapshot. Note that mpls_label_ok is also susceptible to this, so the check against RTA_DST in rtm_to_route_config, done outside platform_mutex, is not sufficient. This value gets passed to mpls_label_ok once more in both mpls_route_add and mpls_route_del, so there is no issue, but that additional check must not be removed.

INFO

Published Date :

2026-05-01T14:15:38.882Z

Last Modified :

2026-05-03T05:46:19.755Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2026-43042 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-43042.

URL Resource
https://git.kernel.org/stable/c/5bb3caf0bbfb56f1a00d2af072ac3d8395a3b9ef cve-icon cve-icon
https://git.kernel.org/stable/c/629ec78ef8608d955ce217880cdc3e1873af3a15 cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2026050104-CVE-2026-43042-8e66@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2026-43042 cve-icon
https://www.cve.org/CVERecord?id=CVE-2026-43042 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact