CVE-2026-43154

MEDIUM · CVSS 3.1: 5.5 · EPSS 2.6%
Published May 6, 2026 · Modified Jun 17, 2026

Description

In the Linux kernel, the following vulnerability has been resolved:

erofs: fix incorrect early exits in volume label handling

Crafted EROFS images containing valid volume labels can trigger incorrect early returns, leading to folio reference leaks. However, this does not cause system crashes or other severe issues.

CVSS Details

Base Score: 5.5
Exploitability: 1.8
Impact: 3.6
Vector string: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: None
Availability: High

Threat Intelligence

EPSS Exploit Probability
2.6% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Affected Products 2

Vendor   Product        Version   Range
linux    linux_kernel   *         ≥6.18 – <6.18.16
linux    linux_kernel   *         ≥6.19 – <6.19.6

References 3

  • git.kernel.org https://git.kernel.org/stable/c/3afa4da38802a4cba1c23848a32284e7e57b831b
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/8d8a878ef60801d867119b3df6a93e2982d62a71
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/d498bd168494ad4a4bce16192bfb9ce04ca19c9a
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/3afa4da38802a4cba1c23848a32284e7e57b831b
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/8d8a878ef60801d867119b3df6a93e2982d62a71
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/d498bd168494ad4a4bce16192bfb9ce04ca19c9a
    Patch