CVE-2026-43208 PUBLISHED

net: do not pass flow_id to set_rps_cpu()

Assigner: Linux
Reserved: 01.05.2026 Published: 06.05.2026 Updated: 06.05.2026

In the Linux kernel, the following vulnerability has been resolved:

net: do not pass flow_id to set_rps_cpu()

Blamed commit made the assumption that the RPS table for each receive queue would have the same size, and that it would not change.

Compute flow_id in set_rps_cpu(), do not assume we can use the value computed by get_rps_cpu(). Otherwise we risk out-of-bound access and/or crashes.

Product Status

Vendor Linux
Product Linux
Versions Default: unaffected
  • affected from 48aa30443e52c9666d5cd5e67532e475f212337e to 5455a232edea6b946b99449f15ca771a8874a5a6 (excl.)
  • affected from 48aa30443e52c9666d5cd5e67532e475f212337e to ed712dc0d64dee5f0d05e4d8ca57711f8a9c850c (excl.)
  • affected from 48aa30443e52c9666d5cd5e67532e475f212337e to 8a8a9fac9efa6423fd74938b940cb7d731780718 (excl.)
Vendor Linux
Product Linux
Versions Default: affected
  • Version 6.18 is affected
  • unaffected from 0 to 6.18 (excl.)
  • unaffected from 6.18.16 to 6.18.* (incl.)
  • unaffected from 6.19.6 to 6.19.* (incl.)
  • unaffected from 7.0 to * (incl.)

References