HIGHCVE-2026-43391Published 2026-05-08Modified 2026-05-11CNA Linux

CVE-2026-43391: nsfs: tighten permission checks for handle opening

In the Linux kernel, the following vulnerability has been resolved: nsfs: tighten permission checks for handle opening Even privileged services should not necessarily be able to see other privileged service's namespaces so they can't leak information to each other. Use may_see_all_namespaces() helper that centralizes this policy until the nstree adapts.

CVSS v3.1: 8.8
Severity: HIGH
Fixed in: 0
Affected Products: 2

Fix available

01797ee11451f1b2be69863a9f5bd43b948813fdf6.19.97.0d2324a9317f00013facb0ba00b00440e19d2af5e

Affected packages

Linux / Linux
< 1797ee11451f1b2be69863a9f5bd43b948813fdf (from 5222470b2fbb3740f931f189db33dd1367b1ae75) · < d2324a9317f00013facb0ba00b00440e19d2af5e (from 5222470b2fbb3740f931f189db33dd1367b1ae75)
Linux / Linux
6.18
Fixed in 0, 6.19.9, 7.0

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

References

Metrics

Fix available