CVE-2026-43390

Published: May 8, 2026Modified: May 26, 2026

5.5

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Exploitability: 1.8 / Impact: 3.6

Source: NVD

Description

In the Linux kernel, the following vulnerability has been resolved: nstree: tighten permission checks for listing Even privileged services should not necessarily be able to see other privileged service's namespaces so they can't leak information to each other. Use may_see_all_namespaces() helper that centralizes this policy until the nstree adapts.

Affected (3)

Products: Linux: Linux Kernel

Linux

1 product

Linux Kernel

Configuration A

3 vulnerable

Vulnerable Software	Affected Versions
Linux Linux Kernel	From 6.19 to 6.19.9
Linux Linux Kernel	Version 7.0 rc1
Linux Linux Kernel	Version 7.0 rc2

References (2)

https://git.kernel.org/stable/c/0abd81645fc95ec6a9d4e4813000f22c5efc0ff4

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/8d76afe84fa2babf604b3c173730d4d2b067e361

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

Timeline

No history available yet.