What is CVE-2026-43503?

CVE-2026-43503 is a high-severity vulnerability in Linux. CVSS score: 8.8/10. Published 2026-05-23.

How severe is CVE-2026-43503?

High severity. CVSS v3 base score is 8.8 out of 10.

Vulnerability in Linux

CVE-2026-43503

In the Linux kernel, the following vulnerability has been resolved: net: skbuff: propagate shared-frag marker through frag-transfer helpers Two frag-transfer helpers (__pskb_copy_fclone() and skb_shift()) fail to propagate the SKBFL_SHAR…

EPSS: 0.000 (2.5th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 8.8 (High). Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H.

Affected products

Linux — versions cef401de7be8c4e155c6746bfccf721a4fa5fab9, 6.6.141, 6.1.174

References

git.kernel.org/stable/c/3599e6b3cc1ada96883d496a50a210d3afbb6987
git.kernel.org/stable/c/2f2b16022a2e10ca7bccfb98db5ed2ec0f72641c
git.kernel.org/stable/c/9d3e5fd19fe1063bf607219e8562fbd567b8e8d5
git.kernel.org/stable/c/78bf6b6bb19541d19fbda6242e7cfe2c682763c0
git.kernel.org/stable/c/760e1addc27ba1a7beb4a0a7e8b3e9ec49e7a34e
git.kernel.org/stable/c/3bd9e113d50034db99d7ef69fd8e5242d15e414a
git.kernel.org/stable/c/3884358a9286b17f389a72b1426fc4547c23c111
416baaa9-dc9f-4396-8d5f-8c081fb06d67
416baaa9-dc9f-4396-8d5f-8c081fb06d67
416baaa9-dc9f-4396-8d5f-8c081fb06d67

Frequently asked questions

What is CVE-2026-43503?: CVE-2026-43503 is a high-severity vulnerability in Linux. CVSS score: 8.8/10. Published 2026-05-23.
How severe is CVE-2026-43503?: High severity. CVSS v3 base score is 8.8 out of 10.