CVE-2026-43500
Linux · Kernel
The Linux kernel is vulnerable to a memory handling flaw in the rxrpc protocol, where DATA/RESPONSE packets are incorrectly handled, potentially leading to local privilege escalation.
Executive summary
A critical memory management vulnerability in the Linux kernel rxrpc protocol allows local attackers to trigger memory corruption, potentially leading to privilege escalation.
Vulnerability
This vulnerability occurs in the rxrpc protocol handler due to improper unsharing of skb (socket buffer) packets when paged fragments are present. It requires a local attacker with low privileges to trigger the flaw.
Business impact
Exploitation allows a local user to compromise the integrity and availability of the system. With a CVSS score of 7.8, this vulnerability is significant, especially in multi-user environments where local privilege escalation could lead to total system takeover or unauthorized access to sensitive kernel-level data.
Remediation
Immediate Action: Update the Linux kernel to version 6.6.140, 6.12.88, 6.18.29, or 7.0.6, depending on your current distribution branch.
Proactive Monitoring: Review system audit logs for repeated kernel crashes or unexpected service interruptions associated with the rxrpc module.
Compensating Controls: Limit access to the system to trusted users only and ensure that kernel hardening features like SELinux or AppArmor are strictly enforced.
Exploitation status
Public Exploit Available: Yes — a Metasploit module and ExploitDB entry exist.
Analyst recommendation
Given that weaponized exploits are publicly available, this vulnerability poses a severe threat. System administrators must prioritize patching the Linux kernel across all affected production environments immediately to prevent local privilege escalation.