{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-43230", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2026-05-01T14:12:55.994Z", "datePublished": "2026-05-06T11:28:27.620Z", "dateUpdated": "2026-05-07T17:14:54.339Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2026-05-07T17:14:54.339Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/rds: Clear reconnect pending bit\n\nWhen canceling the reconnect worker, care must be taken to reset the\nreconnect-pending bit. If the reconnect worker has not yet been\nscheduled before it is canceled, the reconnect-pending bit will stay\non forever."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["net/rds/connection.c"], "versions": [{"version": "00e0f34c616603ba6500f41943cbf89eb4a8a5be", "lessThan": "3cf001aff71b1db1b4732a5381b012a114720664", "status": "affected", "versionType": "git"}, {"version": "00e0f34c616603ba6500f41943cbf89eb4a8a5be", "lessThan": "60b347333ec259ac7352f62cbbc365b04c065ff8", "status": "affected", "versionType": "git"}, {"version": "00e0f34c616603ba6500f41943cbf89eb4a8a5be", "lessThan": "597c46a42930c963f448720aaf5001dd4ed98af4", "status": "affected", "versionType": "git"}, {"version": "00e0f34c616603ba6500f41943cbf89eb4a8a5be", "lessThan": "391200c274e90c34071b909ba12e3390b81b767f", "status": "affected", "versionType": "git"}, {"version": "00e0f34c616603ba6500f41943cbf89eb4a8a5be", "lessThan": "ba2e3472022f44baddf000621fed150d7a599ea3", "status": "affected", "versionType": "git"}, {"version": "00e0f34c616603ba6500f41943cbf89eb4a8a5be", "lessThan": "14eae5564053ac3973b9369dc674638f22f4765e", "status": "affected", "versionType": "git"}, {"version": "00e0f34c616603ba6500f41943cbf89eb4a8a5be", "lessThan": "bcf034fa5f66b6a3e787f765a917934a2045cf7a", "status": "affected", "versionType": "git"}, {"version": "00e0f34c616603ba6500f41943cbf89eb4a8a5be", "lessThan": "b89fc7c2523b2b0750d91840f4e52521270d70ed", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["net/rds/connection.c"], "versions": [{"version": "2.6.30", "status": "affected"}, {"version": "0", "lessThan": "2.6.30", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.252", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.202", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.165", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.128", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.12.75", "lessThanOrEqual": "6.12.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.18.16", "lessThanOrEqual": "6.18.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.19.6", "lessThanOrEqual": "6.19.*", "status": "unaffected", "versionType": "semver"}, {"version": "7.0", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.30", "versionEndExcluding": "5.10.252"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.30", "versionEndExcluding": "5.15.202"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.30", "versionEndExcluding": "6.1.165"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.30", "versionEndExcluding": "6.6.128"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.30", "versionEndExcluding": "6.12.75"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.30", "versionEndExcluding": "6.18.16"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.30", "versionEndExcluding": "6.19.6"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.30", "versionEndExcluding": "7.0"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/3cf001aff71b1db1b4732a5381b012a114720664"}, {"url": "https://git.kernel.org/stable/c/60b347333ec259ac7352f62cbbc365b04c065ff8"}, {"url": "https://git.kernel.org/stable/c/597c46a42930c963f448720aaf5001dd4ed98af4"}, {"url": "https://git.kernel.org/stable/c/391200c274e90c34071b909ba12e3390b81b767f"}, {"url": "https://git.kernel.org/stable/c/ba2e3472022f44baddf000621fed150d7a599ea3"}, {"url": "https://git.kernel.org/stable/c/14eae5564053ac3973b9369dc674638f22f4765e"}, {"url": "https://git.kernel.org/stable/c/bcf034fa5f66b6a3e787f765a917934a2045cf7a"}, {"url": "https://git.kernel.org/stable/c/b89fc7c2523b2b0750d91840f4e52521270d70ed"}], "title": "net/rds: Clear reconnect pending bit", "x_generator": {"engine": "bippy-1.2.0"}}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/rds: Clear reconnect pending bit\n\nWhen canceling the reconnect worker, care must be taken to reset the\nreconnect-pending bit. If the reconnect worker has not yet been\nscheduled before it is canceled, the reconnect-pending bit will stay\non forever."}], "id": "CVE-2026-43230", "lastModified": "2026-05-06T13:07:51.607", "metrics": {}, "published": "2026-05-06T12:16:42.957", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/14eae5564053ac3973b9369dc674638f22f4765e"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/391200c274e90c34071b909ba12e3390b81b767f"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/3cf001aff71b1db1b4732a5381b012a114720664"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/597c46a42930c963f448720aaf5001dd4ed98af4"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/60b347333ec259ac7352f62cbbc365b04c065ff8"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/b89fc7c2523b2b0750d91840f4e52521270d70ed"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/ba2e3472022f44baddf000621fed150d7a599ea3"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/bcf034fa5f66b6a3e787f765a917934a2045cf7a"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Awaiting Analysis"}

{"bugzilla": {"description": "kernel: net/rds: Clear reconnect pending bit", "id": "2467115", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2467115"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-459", "details": ["In the Linux kernel, the following vulnerability has been resolved:\nnet/rds: Clear reconnect pending bit\nWhen canceling the reconnect worker, care must be taken to reset the\nreconnect-pending bit. If the reconnect worker has not yet been\nscheduled before it is canceled, the reconnect-pending bit will stay\non forever.", "A flaw was found in the Linux kernel's Reliable Datagram Sockets (RDS) network protocol. When the reconnect worker is canceled before it has been scheduled, the 'reconnect-pending' bit is not properly cleared. This can lead to a state where the system indefinitely believes a reconnect is pending, potentially causing a denial of service (DoS) by preventing further network operations or consuming system resources."], "name": "CVE-2026-43230", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2026-05-06T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-43230\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-43230\nhttps://lore.kernel.org/linux-cve-announce/2026050656-CVE-2026-43230-9cb4@gregkh/T"], "threat_severity": "Moderate"}