[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2026-43037":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T20:55:29.923Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":20,"aliases":21,"duplicate_of":9,"upstream":22,"downstream":23,"duplicates":36,"related":37,"reserved_at":9,"published_at":38,"modified_at":39,"state":40,"summary":41,"references_raw":50,"kevs":85,"epss":86,"epss_history":89,"metrics":195,"affected":202},"CVE-2026-43037","In the Linux kernel, the following vulnerability has been resolved:\n\nip6_tunnel: clear skb2->cb[] in ip4ip6_err()\n\nOskar Kjos reported the following problem.\n\nip4ip6_err() calls icmp_send() on a cloned skb whose cb[] was written\nby the IPv6 receive path as struct inet6_skb_parm. icmp_send() passes\nIPCB(skb2) to __ip_options_echo(), which interprets that cb[] region\nas struct inet_skb_parm (IPv4). The layouts differ: inet6_skb_parm.nhoff\nat offset 14 overlaps inet_skb_parm.opt.rr, producing a non-zero rr\nvalue. __ip_options_echo() then reads optlen from attacker-controlled\npacket data at sptr[rr+1] and copies that many bytes into dopt->__data,\na fixed 40-byte stack buffer (IP_OPTIONS_DATA_FIXED_SIZE).\n\nTo fix this we clear skb2->cb[], as suggested by Oskar Kjos.\n\nAlso add minimal IPv4 header validation (version == 4, ihl >= 5).",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-787","Out-of-bounds Write","The product writes data past the end, or before the beginning, of the intended buffer.","weakness","Draft","Base","High",[],[],[],[],[24,26,28,30,32,34],{"_key":25},"MGASA-2026-0108",{"_key":27},"MGASA-2026-0110",{"_key":29},"DEBIAN-CVE-2026-43037",{"_key":31},"RHSA-2026:22900",{"_key":33},"RHSA-2026:22940",{"_key":35},"UBUNTU-CVE-2026-43037",[],[],"2026-05-01T14:15:35.314Z","2026-05-11T22:16:29.957Z","Analyzed",{"cisa_kev":42,"cisa_ransomware":42,"cisa_vendor":9,"epss_severity":43,"epss_score":44,"severity":45,"severity_score":46,"severity_version":47,"severity_source":48,"severity_vector":49,"severity_status":40},false,"low",0.00096,"critical",9.8,"v3.1","cve.org","CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",[51,57,61,65,69,73,77,81],{"url":52,"sources":53,"tags":55},"https://git.kernel.org/stable/c/ea9f65b27c8404e164848ebff1443310fd187629",[48,54],"nvd",[56],"Patch",{"url":58,"sources":59,"tags":60},"https://git.kernel.org/stable/c/d6621f60192fe10c047a4487be42a6f4c150707f",[48,54],[56],{"url":62,"sources":63,"tags":64},"https://git.kernel.org/stable/c/2cc6e3b0fe0f0242d1f530a93a4924f48ab85ba5",[48,54],[56],{"url":66,"sources":67,"tags":68},"https://git.kernel.org/stable/c/a0c4ce9900a108eaf55d0f3b399cb55999647d39",[48,54],[56],{"url":70,"sources":71,"tags":72},"https://git.kernel.org/stable/c/1063515ce15ff31065c4e7f8265f4c2fd3c54876",[48,54],[56],{"url":74,"sources":75,"tags":76},"https://git.kernel.org/stable/c/590f622669b97eaf7b57a1de7b0a6e68c5d8b2c3",[48,54],[56],{"url":78,"sources":79,"tags":80},"https://git.kernel.org/stable/c/4a622658f384b03560834cbe8ffcfe69a278f7c8",[48,54],[56],{"url":82,"sources":83,"tags":84},"https://git.kernel.org/stable/c/2edfa31769a4add828a7e604b21cb82aaaa05925",[48,54],[56],[],{"date":87,"score":44,"percentile":88},"2026-06-04",0.26588,[90,94,98,101,104,107,111,114,117,120,123,126,130,133,136,139,142,145,148,151,154,157,160,163,166,170,173,176,179,182,185,188,191,194],{"date":91,"score":92,"percentile":93},"2026-05-02",0.00024,0.06822,{"date":95,"score":96,"percentile":97},"2026-05-03",0.00053,0.16491,{"date":99,"score":96,"percentile":100},"2026-05-04",0.16425,{"date":102,"score":96,"percentile":103},"2026-05-05",0.16406,{"date":105,"score":96,"percentile":106},"2026-05-06",0.16403,{"date":108,"score":109,"percentile":110},"2026-05-07",0.0007,0.2122,{"date":112,"score":109,"percentile":113},"2026-05-08",0.21238,{"date":115,"score":109,"percentile":116},"2026-05-09",0.21307,{"date":118,"score":109,"percentile":119},"2026-05-10",0.21304,{"date":121,"score":109,"percentile":122},"2026-05-11",0.21284,{"date":124,"score":109,"percentile":125},"2026-05-12",0.21306,{"date":127,"score":128,"percentile":129},"2026-05-13",0.00112,0.29255,{"date":131,"score":128,"percentile":132},"2026-05-14",0.2928,{"date":134,"score":128,"percentile":135},"2026-05-15",0.2929,{"date":137,"score":128,"percentile":138},"2026-05-16",0.29294,{"date":140,"score":128,"percentile":141},"2026-05-17",0.29247,{"date":143,"score":128,"percentile":144},"2026-05-18",0.29182,{"date":146,"score":128,"percentile":147},"2026-05-19",0.29191,{"date":149,"score":128,"percentile":150},"2026-05-20",0.29185,{"date":152,"score":128,"percentile":153},"2026-05-21",0.29189,{"date":155,"score":128,"percentile":156},"2026-05-22",0.29237,{"date":158,"score":128,"percentile":159},"2026-05-23",0.29233,{"date":161,"score":128,"percentile":162},"2026-05-24",0.292,{"date":164,"score":128,"percentile":165},"2026-05-25",0.29178,{"date":167,"score":168,"percentile":169},"2026-05-26",0.00088,0.25011,{"date":171,"score":168,"percentile":172},"2026-05-27",0.2509,{"date":174,"score":168,"percentile":175},"2026-05-28",0.25199,{"date":177,"score":168,"percentile":178},"2026-05-29",0.25254,{"date":180,"score":168,"percentile":181},"2026-05-30",0.25253,{"date":183,"score":168,"percentile":184},"2026-05-31",0.25252,{"date":186,"score":168,"percentile":187},"2026-06-01",0.25242,{"date":189,"score":44,"percentile":190},"2026-06-02",0.26611,{"date":192,"score":44,"percentile":193},"2026-06-03",0.26596,{"date":87,"score":44,"percentile":88},[196,200],{"source":48,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":197,"cvss_v4_0":9},{"baseScore":46,"baseSeverity":198,"vectorString":49,"impactScore":46,"exploitabilityScore":199},"CRITICAL",10,{"source":54,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":201,"cvss_v4_0":9},{"baseScore":46,"baseSeverity":198,"vectorString":49,"impactScore":46,"exploitabilityScore":199},[203,238],{"ecosystem":9,"name":204,"vendor":205,"product":205,"cpe_part":206,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":207},"Linux","linux","a",[208,215,218,221,224,227,230,233,236],{"version":209,"is_range":210,"range_type":48,"version_start":211,"version_start_type":212,"version_end":213,"version_end_type":214,"fixed_in":9},">= c4d3efafcc933fd2ffd169d7dc4f980393a13796, \u003C ea9f65b27c8404e164848ebff1443310fd187629",true,"c4d3efafcc933fd2ffd169d7dc4f980393a13796","including","ea9f65b27c8404e164848ebff1443310fd187629","excluding",{"version":216,"is_range":210,"range_type":48,"version_start":211,"version_start_type":212,"version_end":217,"version_end_type":214,"fixed_in":9},">= c4d3efafcc933fd2ffd169d7dc4f980393a13796, \u003C d6621f60192fe10c047a4487be42a6f4c150707f","d6621f60192fe10c047a4487be42a6f4c150707f",{"version":219,"is_range":210,"range_type":48,"version_start":211,"version_start_type":212,"version_end":220,"version_end_type":214,"fixed_in":9},">= c4d3efafcc933fd2ffd169d7dc4f980393a13796, \u003C 2cc6e3b0fe0f0242d1f530a93a4924f48ab85ba5","2cc6e3b0fe0f0242d1f530a93a4924f48ab85ba5",{"version":222,"is_range":210,"range_type":48,"version_start":211,"version_start_type":212,"version_end":223,"version_end_type":214,"fixed_in":9},">= c4d3efafcc933fd2ffd169d7dc4f980393a13796, \u003C a0c4ce9900a108eaf55d0f3b399cb55999647d39","a0c4ce9900a108eaf55d0f3b399cb55999647d39",{"version":225,"is_range":210,"range_type":48,"version_start":211,"version_start_type":212,"version_end":226,"version_end_type":214,"fixed_in":9},">= c4d3efafcc933fd2ffd169d7dc4f980393a13796, \u003C 1063515ce15ff31065c4e7f8265f4c2fd3c54876","1063515ce15ff31065c4e7f8265f4c2fd3c54876",{"version":228,"is_range":210,"range_type":48,"version_start":211,"version_start_type":212,"version_end":229,"version_end_type":214,"fixed_in":9},">= c4d3efafcc933fd2ffd169d7dc4f980393a13796, \u003C 590f622669b97eaf7b57a1de7b0a6e68c5d8b2c3","590f622669b97eaf7b57a1de7b0a6e68c5d8b2c3",{"version":231,"is_range":210,"range_type":48,"version_start":211,"version_start_type":212,"version_end":232,"version_end_type":214,"fixed_in":9},">= c4d3efafcc933fd2ffd169d7dc4f980393a13796, \u003C 4a622658f384b03560834cbe8ffcfe69a278f7c8","4a622658f384b03560834cbe8ffcfe69a278f7c8",{"version":234,"is_range":210,"range_type":48,"version_start":211,"version_start_type":212,"version_end":235,"version_end_type":214,"fixed_in":9},">= c4d3efafcc933fd2ffd169d7dc4f980393a13796, \u003C 2edfa31769a4add828a7e604b21cb82aaaa05925","2edfa31769a4add828a7e604b21cb82aaaa05925",{"version":237,"is_range":42,"range_type":48,"version_start":237,"version_start_type":212,"version_end":237,"version_end_type":212,"fixed_in":9},"2.6.22",{"ecosystem":9,"name":239,"vendor":205,"product":240,"cpe_part":241,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":242},"linux kernel","linux_kernel","o",[243,247,251,255,259,263,267,271,273,275,277,279,281],{"version":244,"is_range":210,"range_type":245,"version_start":237,"version_start_type":212,"version_end":246,"version_end_type":214,"fixed_in":9},"gte2.6.22_lt5.10.253","cpe","5.10.253",{"version":248,"is_range":210,"range_type":245,"version_start":249,"version_start_type":212,"version_end":250,"version_end_type":214,"fixed_in":9},"gte5.11_lt5.15.203","5.11","5.15.203",{"version":252,"is_range":210,"range_type":245,"version_start":253,"version_start_type":212,"version_end":254,"version_end_type":214,"fixed_in":9},"gte5.16_lt6.1.168","5.16","6.1.168",{"version":256,"is_range":210,"range_type":245,"version_start":257,"version_start_type":212,"version_end":258,"version_end_type":214,"fixed_in":9},"gte6.2_lt6.6.134","6.2","6.6.134",{"version":260,"is_range":210,"range_type":245,"version_start":261,"version_start_type":212,"version_end":262,"version_end_type":214,"fixed_in":9},"gte6.7_lt6.12.81","6.7","6.12.81",{"version":264,"is_range":210,"range_type":245,"version_start":265,"version_start_type":212,"version_end":266,"version_end_type":214,"fixed_in":9},"gte6.13_lt6.18.22","6.13","6.18.22",{"version":268,"is_range":210,"range_type":245,"version_start":269,"version_start_type":212,"version_end":270,"version_end_type":214,"fixed_in":9},"gte6.19_lt6.19.12","6.19","6.19.12",{"version":272,"is_range":42,"range_type":245,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.0:rc1",{"version":274,"is_range":42,"range_type":245,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.0:rc2",{"version":276,"is_range":42,"range_type":245,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.0:rc3",{"version":278,"is_range":42,"range_type":245,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.0:rc4",{"version":280,"is_range":42,"range_type":245,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.0:rc5",{"version":282,"is_range":42,"range_type":245,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.0:rc6"]