CVE-2026-43365 - Vulnerability Analysis
HighCVSS: 8.2Last Updated: May 11, 2026
Linux Kernel XFS - Denial of Service & Data Tampering
Published: May 8, 2026Updated: May 11, 2026Remote Exploitable
Overview
Linux kernel XFS filesystem contains a log corruption vulnerability caused by undersized l_iclog_roundoff values when the superblock lacks a log stripe unit, letting attackers cause log corruption and unmountable filesystems, exploit requires crafted filesystem superblock.
Severity & Score
Severity: High
CVSS Score: 8.2
Impact
Attackers can cause filesystem log corruption leading to unmountable filesystems and potential data loss.
Mitigation
Update to the latest Linux kernel version containing the XFS fix for undersized l_iclog_roundoff values.
References
- https://git.kernel.org/stable/c/2ecda4b83749c1fef0c9dea4fd5e8b513aba3e40
- https://git.kernel.org/stable/c/41e91dff2d3974730b5ee50daa8e27ec254cbf91
- https://git.kernel.org/stable/c/446a1f5bb64ba38adb93cb043ff0f7b85e8937ca
- https://git.kernel.org/stable/c/52a8a1ba883defbfe3200baa22cf4cd21985d51a
- https://git.kernel.org/stable/c/5afae524f83d6a18517298491a5624cb0eae5029
- https://git.kernel.org/stable/c/5e7148402dfc4a5b7894d8e97b15e5c2e70924aa
- https://git.kernel.org/stable/c/e88ce9f0536f3b2149afb70625cfc4bd74a4ac6d
Related Resources
Details
- CVE ID
- CVE-2026-43365
- Severity
- High
- CVSS Score
- 8.2
- Type
- undefined
- Status
- new
CVSS Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H