Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2026-43481

In the Linux kernel, the following vulnerability has been resolved: net-shapers: don't free reply skb after genlmsg_reply() genlmsg_reply() hands the reply skb to netlink, and netlink_unicast() consumes it on all return paths, whether the skb is queued successfully or freed on an error path. net_shaper_nl_get_doit() and net_shaper_nl_cap_get_doit() currently jump to free_msg after genlmsg_reply() fails and call nlmsg_free(msg), which can hit the same skb twice. Return the genlmsg_reply() error directly and keep free_msg only for pre-reply failures.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 2.1%
CVSS Severity
CVSS v3 Score 7.8
Products affected by CVE-2026-43481


Contact Us

Shodan ® - All rights reserved