CVE-2026-43403

HIGH

nsfs: tighten permission checks for ns iteration ioctls

Title source: cna

Description

In the Linux kernel, the following vulnerability has been resolved: nsfs: tighten permission checks for ns iteration ioctls Even privileged services should not necessarily be able to see other privileged service's namespaces so they can't leak information to each other. Use may_see_all_namespaces() helper that centralizes this policy until the nstree adapts.

References (4)

Core 4

Core References

https://git.kernel.org/stable/c/3376b345df155ca36d8611857b41ff7d5183fc38

https://git.kernel.org/stable/c/2f3dea284c761c890d676f77d5e55c0c496b4ef4

https://git.kernel.org/stable/c/0ad650e60150eda789deca5e78a6a09d26bf8fc9

https://git.kernel.org/stable/c/e6b899f08066e744f89df16ceb782e06868bd148

Scores

CVSS v3 8.8

EPSS 0.0001

EPSS Percentile 2.5%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Details

Status published

Products (12)

Linux/Linux < 6.12

Linux/Linux 6.12

Linux/Linux 6.12.78 - 6.12.*

Linux/Linux 6.18.20 - 6.18.*

Linux/Linux 6.19.9 - 6.19.*

Linux/Linux 7.0

Linux/Linux a1d220d9dafa8d76ba60a784a1016c3134e6a1e8 - 0ad650e60150eda789deca5e78a6a09d26bf8fc9

Linux/Linux a1d220d9dafa8d76ba60a784a1016c3134e6a1e8 - 2f3dea284c761c890d676f77d5e55c0c496b4ef4

Linux/Linux a1d220d9dafa8d76ba60a784a1016c3134e6a1e8 - 3376b345df155ca36d8611857b41ff7d5183fc38

Linux/Linux a1d220d9dafa8d76ba60a784a1016c3134e6a1e8 - e6b899f08066e744f89df16ceb782e06868bd148

... and 2 more

Published May 08, 2026

Tracked Since May 08, 2026