CVE-2026-43391

Summary

In the Linux kernel, the following vulnerability has been resolved:

nsfs: tighten permission checks for handle opening

Even privileged services should not necessarily be able to see other privileged service's namespaces so they can't leak information to each other. Use may_see_all_namespaces() helper that centralizes this policy until the nstree adapts.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux5222470b2fbb3740f931f189db33dd1367b1ae75 < 1797ee11451f1b2be69863a9f5bd43b948813fdfaffected
LinuxLinux5222470b2fbb3740f931f189db33dd1367b1ae75 < d2324a9317f00013facb0ba00b00440e19d2af5eaffected
LinuxLinux6.18affected
LinuxLinux0 < 6.18unaffected
LinuxLinux6.19.9 <= 6.19.*unaffected
LinuxLinux7.0 <= *unaffected

Weaknesses

References