CVE-2026-43403

EPSS 0.01%
Veröffentlicht 08.05.2026 14:21:44
Zuletzt bearbeitet 12.05.2026 14:10:27
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

nsfs: tighten permission checks for ns iteration ioctls

In the Linux kernel, the following vulnerability has been resolved:

nsfs: tighten permission checks for ns iteration ioctls

Even privileged services should not necessarily be able to see other
privileged service's namespaces so they can't leak information to each
other. Use may_see_all_namespaces() helper that centralizes this policy
until the nstree adapts.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 7

CNA 2 VulnDex Vulnerability Enrichment 12

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version a1d220d9dafa8d76ba60a784a1016c3134e6a1e8

Version < 3376b345df155ca36d8611857b41ff7d5183fc38

Status affected

Version a1d220d9dafa8d76ba60a784a1016c3134e6a1e8

Version < 2f3dea284c761c890d676f77d5e55c0c496b4ef4

Status affected

Version a1d220d9dafa8d76ba60a784a1016c3134e6a1e8

Version < 0ad650e60150eda789deca5e78a6a09d26bf8fc9

Status affected

Version a1d220d9dafa8d76ba60a784a1016c3134e6a1e8

Version < e6b899f08066e744f89df16ceb782e06868bd148

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 6.12

Status affected

Version 0

Version < 6.12

Status unaffected

Version <= 6.12.*

Version 6.12.78

Status unaffected

Version <= 6.18.*

Version 6.18.20

Status unaffected

Version <= 6.19.*

Version 6.19.9

Status unaffected

Version <= *

Version 7.0

Status unaffected

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.01%	0.024

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
416baaa9-dc9f-4396-8d5f-8c081fb06d67	8.8	2	6	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Es wurden noch keine Informationen zu CWE veröffentlicht.

https://git.kernel.org/stable/c/3376b345df155ca36d8611857b41ff7d5183fc38

https://git.kernel.org/stable/c/2f3dea284c761c890d676f77d5e55c0c496b4ef4

https://git.kernel.org/stable/c/0ad650e60150eda789deca5e78a6a09d26bf8fc9

https://git.kernel.org/stable/c/e6b899f08066e744f89df16ceb782e06868bd148

https://nvd.nist.gov/vuln/detail/CVE-2026-43403

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2026-43403

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2026-43403

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2026-43403