CVE-2026-43454 - Vulnerability Details

- netfilter: nf_tables: Fix for duplicate device in netdev hooks

Description

In the Linux kernel, the following vulnerability has been resolved:

netfilter: nf_tables: Fix for duplicate device in netdev hooks

When handling NETDEV_REGISTER notification, duplicate device
registration must be avoided since the device may have been added by
nft_netdev_hook_alloc() already when creating the hook.

Published: 2026-05-08

Score: 5.5 Medium

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

Impact

The vulnerability occurs when the NETDEV_REGISTER notification is processed; the kernel may attempt to register a network device that has already been added by the nft_netdev_hook_alloc() routine during hook creation. This duplicate registration can lead to unintended resource handling or kernel inconsistencies within the netfilter subsystem, which may in turn affect the reliability of network filtering. No confidentiality or integrity impacts are explicitly described, but based on the description it is inferred that the mishandling could raise the risk of service disruption. The official fix resolves the issue by preventing the duplicate device registration.

Affected Systems

The affected component is the Linux kernel. No specific kernel versions are enumerated in the advisory, but the fix is present in recent kernel source updates, as referenced by the provided commit URLs.

Risk and Exploitability

The EPSS score of 0.00017 (less than 1%) indicates a very low likelihood of exploitation. The vulnerability is not listed in the CISA KEV catalog, indicating no public exploits are known. The CVSS score of 5.5 suggests a moderate impact. Based on the description, it is inferred that the vulnerability would require a privileged attacker with kernel access to trigger duplicate device registration, making the attack vector highly privileged and local. With the low EPSS and absence of known exploits, the risk is considered low to moderate when other mitigating factors are absent, but administrators should still address the issue promptly to avoid potential operational instability.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Linux

unaffected

Version	Status	Constraints
`a331b78a552551d0e404e58e6390b1c828d6af8f`	affected	< 6d2a95c6890577cc3eab2b20018e16850d7fb094
`a331b78a552551d0e404e58e6390b1c828d6af8f`	affected	< 2041cdb078041611510fc189410bc70b29f688fb
`a331b78a552551d0e404e58e6390b1c828d6af8f`	affected	< b7cdc5a97d02c943f4bdde4d5767ad0c13cad92b

Linux

affected

Version	Status	Constraints
`6.16`	affected	—
`0`	unaffected	< 6.16
`6.18.19`	unaffected	≤ 6.18.*
`6.19.9`	unaffected	≤ 6.19.*
`7.0`	unaffected	≤ *

No data.

Vendor Product Confidence Versions

Linux

Linux Kernel

99%

Version	Status	Scheme	Platform
`[a331b78a552551d0e404e58e6390b1c828d6af8f,6d2a95c6890577cc3eab2b20018e16850d7fb094)`	affected	code_commit	—
`[a331b78a552551d0e404e58e6390b1c828d6af8f,2041cdb078041611510fc189410bc70b29f688fb)`	affected	code_commit	—
`[a331b78a552551d0e404e58e6390b1c828d6af8f,b7cdc5a97d02c943f4bdde4d5767ad0c13cad92b)`	affected	code_commit	—

Linux

Linux Kernel

99%

Version	Status	Scheme	Platform
`6.16`	affected	generic	—
`[0,6.16)`	unaffected	generic	—
`[6.18.19,6.19.0]`	unaffected	generic	—
`[6.19.9,6.20.0]`	unaffected	generic	—
`[7.0,*]`	unaffected	generic	—

Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

Update the Linux kernel to a release that includes the patches referenced in the advisory (commits 2041cdb, 6d2a95c, and b7cdc5).
If a full kernel upgrade is not immediately possible, backport the changes from those commits to the current kernel source and rebuild.
Reboot the system to activate the updated kernel.

Generated by OpenCVE AI on May 9, 2026 at 16:23 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00017.

Key SSVC decision points have not yet been added.

References

Link	Providers
https://git.kernel.org/stable/c/2041cdb078041611510fc189410bc70b29f688fb
https://git.kernel.org/stable/c/6d2a95c6890577cc3eab2b20018e16850d7fb094
https://git.kernel.org/stable/c/b7cdc5a97d02c943f4bdde4d5767ad0c13cad92b
https://lore.kernel.org/linux-cve-announce/2026050859-CVE-2026-43454-83f9@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2026-43454
https://www.cve.org/CVERecord?id=CVE-2026-43454

History

Sat, 09 May 2026 15:30:00 +0000

Type	Values Removed	Values Added
Weaknesses	CWE-665

Sat, 09 May 2026 12:15:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-694
References		https://lore.kernel.org/linux-cve-announce/2026050859-CVE-2026-43454-83f9@gregkh/T https://nvd.nist.gov/vuln/detail/CVE-2026-43454 https://www.cve.org/CVERecord?id=CVE-2026-43454
Metrics	threat_severity `None`	cvssV3_1 `{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}` threat_severity `Moderate`

Fri, 08 May 2026 18:15:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-665

Fri, 08 May 2026 14:45:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: Fix for duplicate device in netdev hooks When handling NETDEV_REGISTER notification, duplicate device registration must be avoided since the device may have been added by nft_netdev_hook_alloc() already when creating the hook.
Title		netfilter: nf_tables: Fix for duplicate device in netdev hooks
First Time appeared		Linux Linux linux Kernel
CPEs		cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products		Linux Linux linux Kernel
References		https://git.kernel.org/stable/c/2041cdb078041611510fc189410bc70b29f688fb https://git.kernel.org/stable/c/6d2a95c6890577cc3eab2b20018e16850d7fb094 https://git.kernel.org/stable/c/b7cdc5a97d02c943f4bdde4d5767ad0c13cad92b

Subscriptions

Linux Linux Kernel

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2026-05-08T14:22:18.719Z

Updated: 2026-05-08T14:22:18.719Z

Reserved: 2026-05-01T14:12:56.010Z

Link: CVE-2026-43454

Vulnrichment

No data.

NVD

Status : Received

Published: 2026-05-08T15:16:58.160

Modified: 2026-05-08T15:16:58.160

Link: CVE-2026-43454

Redhat

Severity : Moderate

Publid Date: 2026-05-08T00:00:00Z

Links: CVE-2026-43454 - Bugzilla

OpenCVE Enrichment

Updated: 2026-05-09T16:30:37Z

Weaknesses

CWE-694

Impact

Affected Systems

Risk and Exploitability

Tracking

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object