[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2026-43501":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-15T22:50:23.791Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":14,"duplicates":37,"related":38,"reserved_at":9,"published_at":44,"modified_at":45,"state":46,"summary":47,"references_raw":56,"kevs":90,"epss":91,"epss_history":94,"metrics":169,"affected":176},"CVE-2026-43501","In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: rpl: reserve mac_len headroom when recompressed SRH grows\n\nipv6_rpl_srh_rcv() decompresses an RFC 6554 Source Routing Header, swaps\nthe next segment into ipv6_hdr->daddr, recompresses, then pulls the old\nheader and pushes the new one plus the IPv6 header back.  The\nrecompressed header can be larger than the received one when the swap\nreduces the common-prefix length the segments share with daddr (CmprI=0,\nCmprE>0, seg[0][0] != daddr[0] gives the maximum +8 bytes).\n\npskb_expand_head() was gated on segments_left == 0, so on earlier\nsegments the push consumed unchecked headroom.  Once skb_push() leaves\nfewer than skb->mac_len bytes in front of data,\nskb_mac_header_rebuild()'s call to:\n\n\tskb_set_mac_header(skb, -skb->mac_len);\n\nwill store (data - head) - mac_len into the u16 mac_header field, which\nwraps to ~65530, and the following memmove() writes mac_len bytes ~64KiB\npast skb->head.\n\nA single AF_INET6/SOCK_RAW/IPV6_HDRINCL packet over lo with a two\nsegment type-3 SRH (CmprI=0, CmprE=15) reaches headroom 8 after one\npass; KASAN reports a 14-byte OOB write in ipv6_rthdr_rcv.\n\nFix this by expanding the head whenever the remaining room is less than\nthe push size plus mac_len, and request that much extra so the rebuilt\nMAC header fits afterwards.",null,[],[],[],[],[15,17,19,21,23,25,27,29,31,33,35],{"_key":16},"OPENSUSE-SU-2026:10859-1",{"_key":18},"MGASA-2026-0174",{"_key":20},"MGASA-2026-0177",{"_key":22},"SUSE-SU-2026:2310-1",{"_key":24},"UBUNTU-CVE-2026-43501",{"_key":26},"SUSE-SU-2026:2332-1",{"_key":28},"SUSE-SU-2026:2331-1",{"_key":30},"SUSE-SU-2026:2383-1",{"_key":32},"RHSA-2026:25191",{"_key":34},"RHSA-2026:25217",{"_key":36},"DEBIAN-CVE-2026-43501",[],[39,40,41,42,43],{"_key":16},{"_key":22},{"_key":26},{"_key":28},{"_key":30},"2026-05-21T12:17:49.885Z","2026-06-14T17:45:41.875Z","Awaiting Analysis",{"cisa_kev":48,"cisa_ransomware":48,"cisa_vendor":9,"epss_severity":49,"epss_score":50,"severity":51,"severity_score":52,"severity_version":53,"severity_source":54,"severity_vector":55,"severity_status":46},false,"low",0.00399,"critical",9.8,"v3.1","cve.org","CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",[57,62,66,70,74,78,82,86],{"url":58,"sources":59,"tags":61},"https://git.kernel.org/stable/c/8e8be63465a5e80394c70324603dfea1bfdad48f",[54,60],"nvd",[],{"url":63,"sources":64,"tags":65},"https://git.kernel.org/stable/c/4babc2d9fda2df43823b85d08a0180b68f1b0854",[54,60],[],{"url":67,"sources":68,"tags":69},"https://git.kernel.org/stable/c/c261d07a80576dc8ccf394ef8f074f8c67a06b37",[54,60],[],{"url":71,"sources":72,"tags":73},"https://git.kernel.org/stable/c/7398ebefbfd4f8a31d4f665a4213302fa995494b",[54,60],[],{"url":75,"sources":76,"tags":77},"https://git.kernel.org/stable/c/9e6bf146b55999a095bb14f73a843942456d1adc",[54,60],[],{"url":79,"sources":80,"tags":81},"https://git.kernel.org/stable/c/bde199c72d319a4e207f88daabc888317504e2fb",[54,60],[],{"url":83,"sources":84,"tags":85},"https://git.kernel.org/stable/c/be1fa0aa9b4fdd5a8b7a61ba520a690a68391e6e",[54,60],[],{"url":87,"sources":88,"tags":89},"https://git.kernel.org/stable/c/0a9e8053f1f8a8e1bfc1dd61ffe67be6c1180402",[54,60],[],[],{"date":92,"score":50,"percentile":93},"2026-06-15",0.31417,[95,99,102,104,107,110,113,116,119,123,126,129,133,135,138,141,144,147,150,153,156,159,162,165,168],{"date":96,"score":97,"percentile":98},"2026-05-22",0.00024,0.07224,{"date":100,"score":97,"percentile":101},"2026-05-23",0.07227,{"date":103,"score":97,"percentile":98},"2026-05-24",{"date":105,"score":97,"percentile":106},"2026-05-25",0.07206,{"date":108,"score":97,"percentile":109},"2026-05-26",0.07187,{"date":111,"score":97,"percentile":112},"2026-05-27",0.06949,{"date":114,"score":97,"percentile":115},"2026-05-28",0.07066,{"date":117,"score":97,"percentile":118},"2026-05-29",0.07077,{"date":120,"score":121,"percentile":122},"2026-05-30",0.0006,0.1911,{"date":124,"score":121,"percentile":125},"2026-05-31",0.19102,{"date":127,"score":121,"percentile":128},"2026-06-01",0.19083,{"date":130,"score":131,"percentile":132},"2026-06-02",0.0007,0.21576,{"date":134,"score":131,"percentile":132},"2026-06-03",{"date":136,"score":131,"percentile":137},"2026-06-04",0.21578,{"date":139,"score":131,"percentile":140},"2026-06-05",0.21657,{"date":142,"score":131,"percentile":143},"2026-06-06",0.21643,{"date":145,"score":131,"percentile":146},"2026-06-07",0.21598,{"date":148,"score":131,"percentile":149},"2026-06-08",0.2154,{"date":151,"score":131,"percentile":152},"2026-06-09",0.21548,{"date":154,"score":131,"percentile":155},"2026-06-10",0.21569,{"date":157,"score":131,"percentile":158},"2026-06-11",0.2159,{"date":160,"score":131,"percentile":161},"2026-06-12",0.21777,{"date":163,"score":131,"percentile":164},"2026-06-13",0.2179,{"date":166,"score":131,"percentile":167},"2026-06-14",0.21763,{"date":92,"score":50,"percentile":93},[170,174],{"source":54,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":171,"cvss_v4_0":9},{"baseScore":52,"baseSeverity":172,"vectorString":55,"impactScore":52,"exploitabilityScore":173},"CRITICAL",10,{"source":60,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":175,"cvss_v4_0":9},{"baseScore":52,"baseSeverity":172,"vectorString":55,"impactScore":52,"exploitabilityScore":173},[177],{"ecosystem":9,"name":178,"vendor":179,"product":179,"cpe_part":180,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":181},"Linux","linux","a",[182,189,192,195,198,201,204,207,210],{"version":183,"is_range":184,"range_type":54,"version_start":185,"version_start_type":186,"version_end":187,"version_end_type":188,"fixed_in":9},">= 8610c7c6e3bd647ff98d21c8bc0580e77bc2f8b3, \u003C bde199c72d319a4e207f88daabc888317504e2fb",true,"8610c7c6e3bd647ff98d21c8bc0580e77bc2f8b3","including","bde199c72d319a4e207f88daabc888317504e2fb","excluding",{"version":190,"is_range":184,"range_type":54,"version_start":185,"version_start_type":186,"version_end":191,"version_end_type":188,"fixed_in":9},">= 8610c7c6e3bd647ff98d21c8bc0580e77bc2f8b3, \u003C be1fa0aa9b4fdd5a8b7a61ba520a690a68391e6e","be1fa0aa9b4fdd5a8b7a61ba520a690a68391e6e",{"version":193,"is_range":184,"range_type":54,"version_start":185,"version_start_type":186,"version_end":194,"version_end_type":188,"fixed_in":9},">= 8610c7c6e3bd647ff98d21c8bc0580e77bc2f8b3, \u003C 0a9e8053f1f8a8e1bfc1dd61ffe67be6c1180402","0a9e8053f1f8a8e1bfc1dd61ffe67be6c1180402",{"version":196,"is_range":184,"range_type":54,"version_start":185,"version_start_type":186,"version_end":197,"version_end_type":188,"fixed_in":9},">= 8610c7c6e3bd647ff98d21c8bc0580e77bc2f8b3, \u003C 8e8be63465a5e80394c70324603dfea1bfdad48f","8e8be63465a5e80394c70324603dfea1bfdad48f",{"version":199,"is_range":184,"range_type":54,"version_start":185,"version_start_type":186,"version_end":200,"version_end_type":188,"fixed_in":9},">= 8610c7c6e3bd647ff98d21c8bc0580e77bc2f8b3, \u003C 4babc2d9fda2df43823b85d08a0180b68f1b0854","4babc2d9fda2df43823b85d08a0180b68f1b0854",{"version":202,"is_range":184,"range_type":54,"version_start":185,"version_start_type":186,"version_end":203,"version_end_type":188,"fixed_in":9},">= 8610c7c6e3bd647ff98d21c8bc0580e77bc2f8b3, \u003C c261d07a80576dc8ccf394ef8f074f8c67a06b37","c261d07a80576dc8ccf394ef8f074f8c67a06b37",{"version":205,"is_range":184,"range_type":54,"version_start":185,"version_start_type":186,"version_end":206,"version_end_type":188,"fixed_in":9},">= 8610c7c6e3bd647ff98d21c8bc0580e77bc2f8b3, \u003C 7398ebefbfd4f8a31d4f665a4213302fa995494b","7398ebefbfd4f8a31d4f665a4213302fa995494b",{"version":208,"is_range":184,"range_type":54,"version_start":185,"version_start_type":186,"version_end":209,"version_end_type":188,"fixed_in":9},">= 8610c7c6e3bd647ff98d21c8bc0580e77bc2f8b3, \u003C 9e6bf146b55999a095bb14f73a843942456d1adc","9e6bf146b55999a095bb14f73a843942456d1adc",{"version":211,"is_range":48,"range_type":54,"version_start":211,"version_start_type":186,"version_end":211,"version_end_type":186,"fixed_in":9},"5.7"]