CVE-2026-43489
mediumEPSS Score
0.0%
Exploitation probability in 30 days
Top 93% most likely to be exploited
Vulnerability Report
Generated by CyberWatcher
Description
A flaw was found in the Linux kernel's liveupdate mechanism. When a `retrieve()` operation fails, the system does not properly record the failure status. This allows a local attacker to repeatedly attempt the operation, potentially leading to attempts to access or free already freed data structures. Such actions can result in system instability or a denial of service (DoS).
CWE
CWE-390Affected Products
Red Hat Enterprise Linux 10Red Hat Enterprise Linux 6Red Hat Enterprise Linux 7Red Hat Enterprise Linux 8Red Hat Enterprise Linux 9