CVE-2026-43403

Source
https://cve.org/CVERecord?id=CVE-2026-43403
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-43403.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2026-43403
Downstream
Published
2026-05-08T14:21:44.204Z
Modified
2026-07-15T01:49:19.331044855Z
Severity
  • 8.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H CVSS Calculator
Summary
nsfs: tighten permission checks for ns iteration ioctls
Details

In the Linux kernel, the following vulnerability has been resolved:

nsfs: tighten permission checks for ns iteration ioctls

Even privileged services should not necessarily be able to see other privileged service's namespaces so they can't leak information to each other. Use mayseeall_namespaces() helper that centralizes this policy until the nstree adapts.

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/43xxx/CVE-2026-43403.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
a1d220d9dafa8d76ba60a784a1016c3134e6a1e8
Fixed
3376b345df155ca36d8611857b41ff7d5183fc38
Fixed
2f3dea284c761c890d676f77d5e55c0c496b4ef4
Fixed
0ad650e60150eda789deca5e78a6a09d26bf8fc9
Fixed
e6b899f08066e744f89df16ceb782e06868bd148

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-43403.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
6.12.0
Fixed
6.12.78
Type
ECOSYSTEM
Events
Introduced
6.13.0
Fixed
6.18.20
Type
ECOSYSTEM
Events
Introduced
6.19.0
Fixed
6.19.9

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-43403.json"