Description

In the Linux kernel, the following vulnerability has been resolved: tcp: fix potential race in tcp_v6_syn_recv_sock() Code in tcp_v6_syn_recv_sock() after the call to tcp_v4_syn_recv_sock() is done too late. After tcp_v4_syn_recv_sock(), the child socket is already visible from TCP ehash table and other cpus might use it. Since newinet->pinet6 is still pointing to the listener ipv6_pinfo bad things can happen as syzbot found. Move the problematic code in tcp_v6_mapped_child_init() and call this new helper from tcp_v4_syn_recv_sock() before the ehash insertion. This allows the removal of one tcp_sync_mss(), since tcp_v4_syn_recv_sock() will call it with the correct context.

INFO

Published Date :

2026-05-06T11:28:05.569Z

Last Modified :

2026-05-08T12:41:10.445Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2026-43198 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-43198.

URL Resource
https://git.kernel.org/stable/c/7178e2a8027423b2af17ab95df73a749a5b72e5b cve-icon cve-icon
https://git.kernel.org/stable/c/858d2a4f67ff69e645a43487ef7ea7f28f06deae cve-icon cve-icon
https://git.kernel.org/stable/c/fe89b2f05b854847784f91127319172945c1fadd cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2026050645-CVE-2026-43198-0870@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2026-43198 cve-icon
https://www.cve.org/CVERecord?id=CVE-2026-43198 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact