CVE-2026-43489

medium Red Hat
EPSS Score
0.0%
Exploitation probability in 30 days
Top 93% most likely to be exploited
Published: May 13, 2026 (58 days ago)
Last Modified: May 13, 2026
Vendor: Red Hat
Source: REDHAT

Description

A flaw was found in the Linux kernel's liveupdate mechanism. When a `retrieve()` operation fails, the system does not properly record the failure status. This allows a local attacker to repeatedly attempt the operation, potentially leading to attempts to access or free already freed data structures. Such actions can result in system instability or a denial of service (DoS).

CWE

CWE-390

Affected Products

Red Hat Enterprise Linux 10Red Hat Enterprise Linux 6Red Hat Enterprise Linux 7Red Hat Enterprise Linux 8Red Hat Enterprise Linux 9

References