CVE-2026-43390

Summary

In the Linux kernel, the following vulnerability has been resolved:

nstree: tighten permission checks for listing

Even privileged services should not necessarily be able to see other privileged service's namespaces so they can't leak information to each other. Use may_see_all_namespaces() helper that centralizes this policy until the nstree adapts.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux76b6f5dfb3fda76fce1f9990d6fa58adc711122b < 0abd81645fc95ec6a9d4e4813000f22c5efc0ff4affected
LinuxLinux76b6f5dfb3fda76fce1f9990d6fa58adc711122b < 8d76afe84fa2babf604b3c173730d4d2b067e361affected
LinuxLinux6.19affected
LinuxLinux0 < 6.19unaffected
LinuxLinux6.19.9 <= 6.19.*unaffected
LinuxLinux7.0 <= *unaffected

Weaknesses

References