Home / Vulnerability Intelligence / CVE-2026-43403

CVE-2026-43403 - Vulnerability Analysis

HighCVSS: 8.8

Last Updated: May 11, 2026

Linux Kernel - Broken Access Control

Published: May 8, 2026Updated: May 11, 2026

Overview

Linux kernel contains a broken access control vulnerability caused by insufficient permission checks in ns iteration ioctls, letting privileged services potentially leak information across namespaces, exploit requires privileged service access.

Severity & Score

Severity: High

CVSS Score: 8.8

Impact

Privileged services can leak information across namespaces, risking sensitive data exposure between isolated services.

Mitigation

Update to the latest Linux kernel version with tightened permission checks for ns iteration ioctls.

References

https://git.kernel.org/stable/c/3376b345df155ca36d8611857b41ff7d5183fc38
https://git.kernel.org/stable/c/e6b899f08066e744f89df16ceb782e06868bd148
https://git.kernel.org/stable/c/0ad650e60150eda789deca5e78a6a09d26bf8fc9
https://git.kernel.org/stable/c/2f3dea284c761c890d676f77d5e55c0c496b4ef4

Related Resources

Vulnerability Intelligence Dashboard
Credential Scanner

Details

CVE ID: CVE-2026-43403
Severity: High
CVSS Score: 8.8
Type: broken_access_control
Status: new

CVSS Metrics

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H