Linux Kernel Vulnerability in HFSPlus Affecting Special Inodes
CVE-2026-43268

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 6 May 2026

What is CVE-2026-43268?

A vulnerability has been identified in the Linux kernel related to the handling of HFSPlus file types. This issue arises when certain special inodes are incorrectly treated as regular files. A commit to the kernel aims to enforce stricter checks for valid inode types, ensuring that special inodes such as directories and symbolic links cannot be represented as regular files. This fix enhances the integrity of the file system and mitigates potential exploitation risks that could lead to unauthorized access or manipulation of file data.

Affected Version(s)

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 799c492a619a10322543d13e6d2a6d27335c868c

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 676bc99d0b3e356cdfec5d8204518e1aac14ec84

References

https://git.kernel.org/stable/c/dcac5582f90b55a267d897690...

https://git.kernel.org/stable/c/799c492a619a10322543d13e6...

https://git.kernel.org/stable/c/676bc99d0b3e356cdfec5d820...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 6, 2026
Vulnerability Reserved
May 1, 2026

CVE-2026-43268 Data

JSON