Linux Kernel Vulnerability in Cachefiles Module Affecting Multiple Versions
CVE-2026-43106

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 6 May 2026

What is CVE-2026-43106?

A vulnerability has been identified in the cachefiles module of the Linux kernel, where an incorrect dentry reference count could lead to resource management issues. Specifically, the function cachefiles_cull() was not modified to align with the expectation of the cachefiles_bury_object() function, which requires two references to a dentry object. This oversight potentially results in a lost reference during execution. The solution requires cachefiles_cull() to correctly manage references before invoking cachefiles_bury_object() to ensure that resource cleanup is conducted reliably.

Affected Version(s)

Linux 7bb1eb45e43c4730cbc5a48b9e9295049fccdacb < 6577df7dc7a7de128442b6192c7a32195c923480

Linux 7bb1eb45e43c4730cbc5a48b9e9295049fccdacb < 1635c2acdde86c4f555b627aec873c8677c421ed

Linux 6.19

References

https://git.kernel.org/stable/c/6577df7dc7a7de128442b6192...

https://git.kernel.org/stable/c/1635c2acdde86c4f555b627ae...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 6, 2026
Vulnerability Reserved
May 1, 2026

CVE-2026-43106 Data

JSON