CVE-2026-43193 - Vulnerability Details

Description

In the Linux kernel, the following vulnerability has been resolved:

nfsd: fix nfs4_file refcount leak in nfsd_get_dir_deleg()

Claude pointed out that there is a nfs4_file refcount leak in
nfsd_get_dir_deleg(). Ensure that the reference to "fp" is released
before returning.

Published: 2026-05-06

Score: n/a

EPSS: n/a

KEV: No

Impact:

Action:

Analysis

Impact

In the Linux kernel, a reference count leak in the nfsd_get_dir_deleg function allows memory to be unintentionally retained. This leak can cause kernel memory usage to grow over time, potentially exhausting system resources and leading to a denial‑of‑service condition for users of the NFS service. The vulnerability maps to CWE‑401, Memory Leak.

Affected Systems

The flaw exists in the Linux kernel itself and therefore affects all installations running affected kernel versions. Specific version details are not provided, so any machine using a kernel build that includes the unpatched nfsd code is vulnerable. The only vendor listed is Linux and the product is the Linux kernel.

Risk and Exploitability

No EPSS score is available and the vulnerability is not catalogued in CISA’s KEV. Although a formal CVSS score is missing, the potential for memory exhaustion suggests that the risk is significant, particularly for servers exposed to unauthenticated NFS clients. The likely attack vector would involve an adversary interacting with the NFS daemon, for example by issuing repeated delegation requests, to drive the leak. The lack of exploitation metrics makes the exact probability unclear, but the severity of the impact warrants prompt attention.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Linux

unaffected

Version	Status	Constraints
`8b99f6a8c116f664a6788737705f6da2772cc96a`	affected	< 0d8362e15aad5b5c1d6a65bb23ac6c45ccf881f3
`8b99f6a8c116f664a6788737705f6da2772cc96a`	affected	< 789477b849394afdb60507924d65f7ef18f078ce

Linux

affected

Version	Status	Constraints
`6.19`	affected	—
`0`	unaffected	< 6.19
`6.19.6`	unaffected	≤ 6.19.*
`7.0`	unaffected	≤ *

No data.

Vendor Product Confidence Versions

Linux

Linux Kernel

99%

Version	Status	Scheme	Platform
`[8b99f6a8c116f664a6788737705f6da2772cc96a,0d8362e15aad5b5c1d6a65bb23ac6c45ccf881f3)`	affected	code_commit	—
`[8b99f6a8c116f664a6788737705f6da2772cc96a,789477b849394afdb60507924d65f7ef18f078ce)`	affected	code_commit	—

Linux

Linux Kernel

99%

Version	Status	Scheme	Platform
`6.19`	affected	generic	—
`[0,6.19)`	unaffected	generic	—
`[6.19.6,6.20.0)`	unaffected	semver	—
`[7.0,*]`	unaffected	generic	—

Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

Update the Linux kernel to a version that includes the nfsd_get_dir_deleg fix
Restrict access to the NFS daemon or limit delegation operations, for example by firewall rules or NFS configuration
Monitor kernel memory consumption for abnormal growth patterns to detect ongoing exploitation

Generated by OpenCVE AI on May 6, 2026 at 14:02 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

References

Link	Providers
https://git.kernel.org/stable/c/0d8362e15aad5b5c1d6a65bb23ac6c45ccf881f3
https://git.kernel.org/stable/c/789477b849394afdb60507924d65f7ef18f078ce

History

Wed, 06 May 2026 14:30:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-401

Wed, 06 May 2026 12:15:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: nfsd: fix nfs4_file refcount leak in nfsd_get_dir_deleg() Claude pointed out that there is a nfs4_file refcount leak in nfsd_get_dir_deleg(). Ensure that the reference to "fp" is released before returning.
Title		nfsd: fix nfs4_file refcount leak in nfsd_get_dir_deleg()
First Time appeared		Linux Linux linux Kernel
CPEs		cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products		Linux Linux linux Kernel
References		https://git.kernel.org/stable/c/0d8362e15aad5b5c1d6a65bb23ac6c45ccf881f3 https://git.kernel.org/stable/c/789477b849394afdb60507924d65f7ef18f078ce

Subscriptions

Linux Linux Kernel

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2026-05-06T11:28:01.926Z

Updated: 2026-05-06T11:28:01.926Z

Reserved: 2026-05-01T14:12:55.992Z

Link: CVE-2026-43193

Vulnrichment

No data.

NVD

Status : Awaiting Analysis

Published: 2026-05-06T12:16:38.197

Modified: 2026-05-06T13:07:51.607

Link: CVE-2026-43193

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-06T16:30:06Z

Weaknesses

CWE-401

Impact

Affected Systems

Risk and Exploitability

Tracking

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object