CVE-2026-43179

MEDIUM · CVSS 3.1: 5.5 · EPSS 2.6%
Published May 6, 2026 · Last Modified Jun 17, 2026

Description

In the Linux kernel, the following vulnerability has been resolved:

erofs: fix incorrect early exits for invalid metabox-enabled images

Crafted EROFS images with metadata compression enabled can trigger incorrect early returns, leading to folio reference leaks. However, this does not cause system crashes or other severe issues.

CVSS Details

Base Score: 5.5
Exploitability: 1.8
Impact: 3.6
Vector string: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: None
Availability: High

Threat Intelligence

EPSS Exploit Probability
2.6% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Affected Products 2

Vendor  Product       Version  Range
linux   linux_kernel  *        ≥6.17 – <6.18.16
linux   linux_kernel  *        ≥6.19 – <6.19.6

References 3

  • git.kernel.org https://git.kernel.org/stable/c/041b5163bb9b2e81050bcd885b3373bf2f42d5f5
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/56e4a84220045b6af0f1efc11825b39217c7decf
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/643575d5a4f24b23b0c54aa20aa74a4abed8ff5e
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/041b5163bb9b2e81050bcd885b3373bf2f42d5f5
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/56e4a84220045b6af0f1efc11825b39217c7decf
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/643575d5a4f24b23b0c54aa20aa74a4abed8ff5e
    Patch