CVE-2026-43154 - Vulnerability Details

- erofs: fix incorrect early exits in volume label handling

Description

In the Linux kernel, the following vulnerability has been resolved:

erofs: fix incorrect early exits in volume label handling

Crafted EROFS images containing valid volume labels can trigger
incorrect early returns, leading to folio reference leaks.

However, this does not cause system crashes or other severe issues.

Published: 2026-05-06

Score: n/a

EPSS: n/a

KEV: No

Impact:

Action:

Analysis

Impact

The flaw in the Linux kernel’s EROFS implementation allows an attacker to supply a specially crafted image containing a valid volume label. When the kernel processes the label, an early return is triggered in a way that the kernel fails to release internal folio references. This results in leaks of kernel memory references that could expose sensitive information, though it does not destabilize the system or cause crashes.

Affected Systems

The vulnerability exists in the Linux kernel itself. No specific kernel release dates or versions are listed in the data; all Linux kernel releases that incorporate the EROFS filesystem are potentially affected until an official fixed kernel is deployed.

Risk and Exploitability

The CVSS score is unspecified, and EPSS is not available, but the attack requires an attacker to mount a malicious EROFS image or otherwise trigger volume label handling. The likely attack vector is local or user‑initiated, and the exploit does not need elevated privileges beyond the ability to mount the image. Because the impact is limited to leaking references and not system crash or privilege escalation, the overall risk is moderate. The vulnerability is not listed in CISA’s KEV catalog and there are no known widespread exploits.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Linux

unaffected

Version	Status	Constraints
`1cf12c7177410afcb53f815315d1247ea57fae4f`	affected	< 8d8a878ef60801d867119b3df6a93e2982d62a71
`1cf12c7177410afcb53f815315d1247ea57fae4f`	affected	< d498bd168494ad4a4bce16192bfb9ce04ca19c9a
`1cf12c7177410afcb53f815315d1247ea57fae4f`	affected	< 3afa4da38802a4cba1c23848a32284e7e57b831b

Linux

affected

Version	Status	Constraints
`6.18`	affected	—
`0`	unaffected	< 6.18
`6.18.16`	unaffected	≤ 6.18.*
`6.19.6`	unaffected	≤ 6.19.*
`7.0`	unaffected	≤ *

No data.

Vendor Product Confidence Versions

Linux

Linux Kernel

99%

Version	Status	Scheme	Platform
`[1cf12c7177410afcb53f815315d1247ea57fae4f,8d8a878ef60801d867119b3df6a93e2982d62a71)`	affected	code_commit	—
`[1cf12c7177410afcb53f815315d1247ea57fae4f,d498bd168494ad4a4bce16192bfb9ce04ca19c9a)`	affected	code_commit	—
`[1cf12c7177410afcb53f815315d1247ea57fae4f,3afa4da38802a4cba1c23848a32284e7e57b831b)`	affected	code_commit	—

Linux

Linux Kernel

99%

Version	Status	Scheme	Platform
`6.18`	affected	semver	—
`[0,6.18)`	unaffected	semver	—
`[6.18.16,6.19.0)`	unaffected	semver	—
`[6.19.6,6.20.0)`	unaffected	semver	—
`[7.0,*]`	unaffected	generic	—

Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

Update the Linux kernel to a version that contains the upstream patch for the EROFS volume label handling bug.
If an updated kernel is not immediately available, avoid mounting untrusted EROFS images and consider disabling the EROFS filesystem module until a fix is applied.
Review kernel configuration and limit the set of users or processes allowed to mount or load EROFS images to reduce exposure.

Generated by OpenCVE AI on May 6, 2026 at 13:40 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

References

Link	Providers
https://git.kernel.org/stable/c/3afa4da38802a4cba1c23848a32284e7e57b831b
https://git.kernel.org/stable/c/8d8a878ef60801d867119b3df6a93e2982d62a71
https://git.kernel.org/stable/c/d498bd168494ad4a4bce16192bfb9ce04ca19c9a

History

Wed, 06 May 2026 14:00:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-203

Wed, 06 May 2026 12:15:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: erofs: fix incorrect early exits in volume label handling Crafted EROFS images containing valid volume labels can trigger incorrect early returns, leading to folio reference leaks. However, this does not cause system crashes or other severe issues.
Title		erofs: fix incorrect early exits in volume label handling
First Time appeared		Linux Linux linux Kernel
CPEs		cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products		Linux Linux linux Kernel
References		https://git.kernel.org/stable/c/3afa4da38802a4cba1c23848a32284e7e57b831b https://git.kernel.org/stable/c/8d8a878ef60801d867119b3df6a93e2982d62a71 https://git.kernel.org/stable/c/d498bd168494ad4a4bce16192bfb9ce04ca19c9a

Subscriptions

Linux Linux Kernel

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2026-05-06T11:27:35.116Z

Updated: 2026-05-06T11:27:35.116Z

Reserved: 2026-05-01T14:12:55.989Z

Link: CVE-2026-43154

Vulnrichment

No data.

NVD

Status : Awaiting Analysis

Published: 2026-05-06T12:16:33.193

Modified: 2026-05-06T13:07:51.607

Link: CVE-2026-43154

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-06T18:00:11Z

Weaknesses

CWE-203

Impact

Affected Systems

Risk and Exploitability

Tracking

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object