{
  "threat_severity" : "Moderate",
  "public_date" : "2026-05-06T00:00:00Z",
  "bugzilla" : {
    "description" : "kernel: arm64: Add support for TSV110 Spectre-BHB mitigation",
    "id" : "2467118",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2467118"
  },
  "cvss3" : {
    "cvss3_base_score" : "7.0",
    "cvss3_scoring_vector" : "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
    "status" : "draft"
  },
  "cwe" : "CWE-515",
  "details" : [ "In the Linux kernel, the following vulnerability has been resolved:\narm64: Add support for TSV110 Spectre-BHB mitigation\nThe TSV110 processor is vulnerable to the Spectre-BHB (Branch History\nBuffer) attack, which can be exploited to leak information through\nbranch prediction side channels. This commit adds the MIDR of TSV110\nto the list for software mitigation.", "A flaw was found in the Linux kernel. This vulnerability affects systems running on TSV110 processors, making them susceptible to the Spectre-BHB (Branch History Buffer) attack. A local attacker could exploit this side-channel vulnerability to potentially leak sensitive information by observing patterns in branch prediction. This issue can lead to unauthorized disclosure of data." ],
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 10",
    "fix_state" : "Affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:10"
  }, {
    "product_name" : "Red Hat Enterprise Linux 6",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Not affected",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "fix_state" : "Not affected",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "fix_state" : "Affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "fix_state" : "Affected",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2026-43261\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-43261\nhttps://lore.kernel.org/linux-cve-announce/2026050607-CVE-2026-43261-d70e@gregkh/T" ],
  "name" : "CVE-2026-43261",
  "csaw" : false
}