
CVE-2026-43411

Published: May 8, 2026 · Updated: May 12, 2026

EPSS: 0.02% probability of exploitation in 30 days · Percentile: 7.0th

Official Description

In the Linux kernel, the following vulnerability has been resolved:

tipc: fix divide-by-zero in tipc_sk_filter_connect()

A user can set conn_timeout to any value via setsockopt(TIPC_CONN_TIMEOUT), including values less than 4. When a SYN is rejected with TIPC_ERR_OVERLOAD and the retry path in tipc_sk_filter_connect() executes:

  delay %= (tsk->conn_timeout / 4);

If conn_timeout is in the range [0, 3], the integer division yields 0, and the modulo operation triggers a divide-by-zero exception, causing a kernel oops/panic.

Fix this by clamping conn_timeout to a minimum of 4 at the point of use in tipc_sk_filter_connect().

Oops: divide error: 0000 [#1] SMP KASAN NOPTI
CPU: 0 UID: 0 PID: 119 Comm: poc-F144 Not tainted 7.0.0-rc2+
RIP: 0010:tipc_sk_filter_rcv (net/tipc/socket.c:2236 net/tipc/socket.c:2362)
Call Trace:
tipc_sk_backlog_rcv (include/linux/instrumented.h:82 include/linux/atomic/atomic-instrumented.h:32 include/net/sock.h:2357 net/tipc/socket.c:2406)
__release_sock (include/net/sock.h:1185 net/core/sock.c:3213)
release_sock (net/core/sock.c:3797)
tipc_connect (net/tipc/socket.c:2570)
__sys_connect (include/linux/file.h:62 include/linux/file.h:83 net/socket.c:2098)

NVD Source
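
The arithmetic from the description above, modeled in user-space C as an added example; it is not the kernel's code or the upstream patch. The function names, the CONN_TIMEOUT_MIN macro, the unsigned 32-bit types and the sample delay value 12345 are assumptions for illustration, and the unpatched model reports the zero divisor instead of executing the faulting modulo.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define CONN_TIMEOUT_MIN 4u  /* minimum the fix clamps to, per the description */

/* Pre-fix computation: delay %= (conn_timeout / 4).
 * Returns false instead of executing the modulo when the divisor is 0,
 * which is the case that raises the divide error in the kernel. */
static bool delay_unpatched(uint32_t conn_timeout, uint32_t *delay)
{
    uint32_t divisor = conn_timeout / 4;   /* 0 for conn_timeout in [0, 3] */
    if (divisor == 0)
        return false;
    *delay %= divisor;
    return true;
}

/* Post-fix computation: clamp at the point of use, then take the modulo. */
static uint32_t delay_patched(uint32_t conn_timeout, uint32_t delay)
{
    uint32_t t = conn_timeout < CONN_TIMEOUT_MIN ? CONN_TIMEOUT_MIN : conn_timeout;
    return delay % (t / 4);                /* divisor is always >= 1 */
}

/* Count timeouts in [0, limit) whose pre-fix divisor is zero. */
static unsigned count_faulting(uint32_t limit)
{
    unsigned n = 0;
    for (uint32_t t = 0; t < limit; t++) {
        uint32_t d = 12345;                /* constructed sample delay */
        if (!delay_unpatched(t, &d))
            n++;
    }
    return n;
}

int main(void)
{
    printf("faulting timeouts below 1000: %u\n", count_faulting(1000));
    for (uint32_t t = 0; t <= 8; t++)
        printf("conn_timeout=%u patched delay=%u\n", t, delay_patched(t, 12345));
    return 0;
}
```

For conn_timeout values of 4 and above the clamp changes nothing, so the patched result matches the original computation there.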

Technical Analysis

CVE-2026-43411 requires local access, meaning attackers must already have a foothold on the target system.

Exploitation requires some privileges, which limits the exposure to scenarios where an attacker has already gained initial access.

Affected Vendors & Products

Mentioned vendors (from description):
Linux
CPE data not yet available in NVD for this CVE.

Exploit & PoC Resources

NO KNOWN EXPLOIT: No public exploit confirmed at this time

Quick Facts

CVE ID: CVE-2026-43411
Severity: NONE
CISA KEV: No
EPSS (30d): 0.02%
Published: May 8, 2026

Recommended Actions

  • Apply vendor patches immediately
  • Monitor CVE-2026-43411 in threat intel feeds
  • Review IDS/IPS signatures for exploitation attempts
Data sourced from NVD (NIST), CISA KEV, and EPSS (FIRST). Analysis generated by CTIWATCH.COM. CVE data is provided under the NVD usage policy.