CVE-2026-43241 - Vulnerability Details

In the Linux kernel, the following vulnerability has been resolved:

ntb: ntb_hw_switchtec: Fix array-index-out-of-bounds access

Number of MW LUTs depends on NTB configuration and can be set to MAX_MWS,
This patch protects against invalid index out of bounds access to mw_sizes
When invalid access print message to user that configuration is not valid.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Linux

unaffected

Version	Status	Constraints
`1da177e4c3f41524e886b7f1b8a0c1fc7321cac2`	affected	< 348e1ac9ad983ed7e62de14e1daf47f1695a4ce9
`1da177e4c3f41524e886b7f1b8a0c1fc7321cac2`	affected	< ee02c4f980c91820845dd8e469ec7dc670ab6d9d
`1da177e4c3f41524e886b7f1b8a0c1fc7321cac2`	affected	< 740945de896021b9a859e71f38f6aea72a6393cf
`1da177e4c3f41524e886b7f1b8a0c1fc7321cac2`	affected	< 85c9daa1f8319bbb3dfee71dc6a2f969cd3b4c92
`1da177e4c3f41524e886b7f1b8a0c1fc7321cac2`	affected	< 0e930420945106151c6eb3d7837b4e6154e9b144
`1da177e4c3f41524e886b7f1b8a0c1fc7321cac2`	affected	< 2346856b74823a2a78109002e479a3d02526a9ce
`1da177e4c3f41524e886b7f1b8a0c1fc7321cac2`	affected	< 47ce292dd45dc689747c40603222691638919189
`1da177e4c3f41524e886b7f1b8a0c1fc7321cac2`	affected	< c8ba7ad2cc1c7b90570aa347b8ebbe279f1eface

Linux

affected

Version	Status	Constraints
`5.10.252`	unaffected	≤ 5.10.*
`5.15.202`	unaffected	≤ 5.15.*
`6.1.165`	unaffected	≤ 6.1.*
`6.6.128`	unaffected	≤ 6.6.*
`6.12.75`	unaffected	≤ 6.12.*
`6.18.16`	unaffected	≤ 6.18.*
`6.19.6`	unaffected	≤ 6.19.*
`7.0`	unaffected	≤ *

No data.

OpenCVE Enrichment is a feature of OpenCVE that uses AI to automatically link vendors and products to CVEs. Learn more on GitHub.

Vendors	Products
Linux Subscribe	Linux Kernel Subscribe

Project Subscriptions

Vendors	Products
Linux Subscribe	Linux Kernel Subscribe

Advisories

No advisories yet.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://git.kernel.org/stable/c/0e930420945106151c6eb3d7837b4e6154e9b144
https://git.kernel.org/stable/c/2346856b74823a2a78109002e479a3d02526a9ce
https://git.kernel.org/stable/c/348e1ac9ad983ed7e62de14e1daf47f1695a4ce9
https://git.kernel.org/stable/c/47ce292dd45dc689747c40603222691638919189
https://git.kernel.org/stable/c/740945de896021b9a859e71f38f6aea72a6393cf
https://git.kernel.org/stable/c/85c9daa1f8319bbb3dfee71dc6a2f969cd3b4c92
https://git.kernel.org/stable/c/c8ba7ad2cc1c7b90570aa347b8ebbe279f1eface
https://git.kernel.org/stable/c/ee02c4f980c91820845dd8e469ec7dc670ab6d9d
https://lore.kernel.org/linux-cve-announce/2026050600-CVE-2026-43241-b0ad@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2026-43241
https://www.cve.org/CVERecord?id=CVE-2026-43241

History

Thu, 07 May 2026 00:15:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-1285
References		https://lore.kernel.org/linux-cve-announce/2026050600-CVE-2026-43241-b0ad@gregkh/T https://nvd.nist.gov/vuln/detail/CVE-2026-43241 https://www.cve.org/CVERecord?id=CVE-2026-43241

Wed, 06 May 2026 17:30:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-129

Wed, 06 May 2026 12:15:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: ntb: ntb_hw_switchtec: Fix array-index-out-of-bounds access Number of MW LUTs depends on NTB configuration and can be set to MAX_MWS, This patch protects against invalid index out of bounds access to mw_sizes When invalid access print message to user that configuration is not valid.
Title		ntb: ntb_hw_switchtec: Fix array-index-out-of-bounds access
First Time appeared		Linux Linux linux Kernel
CPEs		cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products		Linux Linux linux Kernel
References		https://git.kernel.org/stable/c/0e930420945106151c6eb3d7837b4e6154e9b144 https://git.kernel.org/stable/c/2346856b74823a2a78109002e479a3d02526a9ce https://git.kernel.org/stable/c/348e1ac9ad983ed7e62de14e1daf47f1695a4ce9 https://git.kernel.org/stable/c/47ce292dd45dc689747c40603222691638919189 https://git.kernel.org/stable/c/740945de896021b9a859e71f38f6aea72a6393cf https://git.kernel.org/stable/c/85c9daa1f8319bbb3dfee71dc6a2f969cd3b4c92 https://git.kernel.org/stable/c/c8ba7ad2cc1c7b90570aa347b8ebbe279f1eface https://git.kernel.org/stable/c/ee02c4f980c91820845dd8e469ec7dc670ab6d9d

Projects

Sign in to view the affected projects.

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2026-05-06T11:28:34.927Z

Updated: 2026-05-06T11:28:34.927Z

Reserved: 2026-05-01T14:12:55.995Z

Link: CVE-2026-43241

Vulnrichment

No data.

NVD

Status : Awaiting Analysis

Published: 2026-05-06T12:16:44.460

Modified: 2026-05-06T13:07:51.607

Link: CVE-2026-43241

Redhat

Severity :

Publid Date: 2026-05-06T00:00:00Z

Links: CVE-2026-43241 - Bugzilla

OpenCVE Enrichment

Updated: 2026-05-07T02:45:06Z

Weaknesses

Project Subscriptions

Projects

JSON object

JSON object

JSON object

JSON object

JSON object