CVE-2026-43063

Source
https://cve.org/CVERecord?id=CVE-2026-43063
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-43063.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2026-43063
Downstream
Related
Published
2026-05-05T15:23:24.034Z
Modified
2026-07-15T01:48:54.283340083Z
Severity
  • 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
Summary
xfs: don't irele after failing to iget in xfs_attri_recover_work
Details

In the Linux kernel, the following vulnerability has been resolved:

xfs: don't irele after failing to iget in xfsattrirecover_work

xlogrecoveryiget* never set @ip to a valid pointer if they return an error, so this irele will walk off a dangling pointer. Fix that.

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/43xxx/CVE-2026-43063.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
ae673f534a30976ce5e709c4535a59c12b786ef3
Fixed
b5c5a50c2f513d4a13a6763564a07b470e69cc5a
Fixed
a1a5df1038f0b3c560d204270373621a4e622808
Fixed
40082d08b638485cbaa543dc8087a3d1844d6f08
Fixed
70685c291ef82269180758130394ecdc4496b52c

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-43063.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
6.10.0
Fixed
6.12.80
Type
ECOSYSTEM
Events
Introduced
6.13.0
Fixed
6.18.21
Type
ECOSYSTEM
Events
Introduced
6.19.0
Fixed
6.19.11

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-43063.json"