VDB
DEBIAN-CVE-2026-43153
DEBIAN-CVE-2026-43153
PUBLISHED
CVSS 7.800000190734863 HIGH
In the Linux kernel, the following vulnerability has been resolved: xfs: remove xfs_attr_leaf_hasname The calling convention of xfs_attr_leaf_hasname() is problematic, because it returns a NULL buffer when xfs_attr3_leaf_read fails, a valid buffer when xfs_attr3_leaf_lookup_int returns -ENOATTR or -EEXIST, and a non-NULL buffer pointer for an already released buffer when xfs_attr3_leaf_lookup_int fails with other error values. Fix this by simply open coding xfs_attr_leaf_hasname in the callers, so that the buffer release code is done by each caller of xfs_attr3_leaf_read.
Risk Scores
CVSS 3.1
7.800000190734863
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:13 | linux | 0, 6.12.85-1, 6.12.74-2 |
| Debian:14 | linux | 6.12.85-1, 6.12.86-1, 6.13.10-1 |
| Debian:11 | linux | 7.1, 6.1.148-1, 6.1.15-1 |
| Debian:12 | linux | 6.1.158-1, 6.1.159-1, 6.1.162-1 |
Timeline
- May 6, 2026 CVE Published
- May 9, 2026 CVE Updated