CVE-2026-43362 - Vulnerability Analysis
HighCVSS: 8.1Last Updated: May 11, 2026
Linux Kernel - Data Corruption
Published: May 8, 2026Updated: May 11, 2026Remote Exploitable
Overview
Linux kernel < 6.10 contains an encryption corruption vulnerability in SMB2_write caused by in-place encryption of write payloads, letting attackers cause data corruption during write retries on unstable connections, exploit requires unstable SMB connections triggering retries.
Severity & Score
Severity: High
CVSS Score: 8.1
Impact
Attackers can cause data corruption during SMB write retries, potentially leading to data integrity issues.
Mitigation
Update to Linux kernel version 6.10 or later.
References
- https://git.kernel.org/stable/c/d78840a6a38d312dc1a51a65317bb67e46f0b929
- https://git.kernel.org/stable/c/438e77435aee2894d5edf90be5c87004a57f6258
- https://git.kernel.org/stable/c/52327268224fb9ccc7ecfbbdfdfff54b6e93c518
- https://git.kernel.org/stable/c/92e64f1852f455f57d0850989e57c30d7fac7d95
- https://git.kernel.org/stable/c/aea5e37388a080361110ab5790f57ae0af383650
Related Resources
Details
- CVE ID
- CVE-2026-43362
- Severity
- High
- CVSS Score
- 8.1
- Type
- undefined
- Status
- new
CVSS Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H