Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
9.8
Linux Kernel Receive Queue Size Miscalculation
DEBIAN-CVE-2026-43208
Summary
A bug in the Linux kernel's receive queue management system could cause crashes or unexpected behavior. This issue affects Linux systems and can be mitigated by updating to a fixed version of the kernel. Users are advised to apply available kernel updates to resolve this vulnerability.
What to do
- Update debian linux to version 6.19.6-1.
Affected software
| Ecosystem | Vendor | Product | Affected versions |
|---|---|---|---|
| Debian:14 | debian | linux |
< 6.19.6-1 Fix: upgrade to 6.19.6-1
|
Original title
In the Linux kernel, the following vulnerability has been resolved: net: do not pass flow_id to set_rps_cpu() Blamed commit made the assumption that the RPS table for each receive queue would hav...
Original description
In the Linux kernel, the following vulnerability has been resolved: net: do not pass flow_id to set_rps_cpu() Blamed commit made the assumption that the RPS table for each receive queue would have the same size, and that it would not change. Compute flow_id in set_rps_cpu(), do not assume we can use the value computed by get_rps_cpu(). Otherwise we risk out-of-bound access and/or crashes.
osv CVSS3.1
9.8
- https://security-tracker.debian.org/tracker/CVE-2026-43208 Vendor Advisory
Published: 6 May 2026 · Updated: 9 May 2026 · First seen: 9 May 2026