Description
In the Linux kernel, the following vulnerability has been resolved:

nsfs: tighten permission checks for handle opening

Even privileged services should not necessarily be able to see other
privileged service's namespaces so they can't leak information to each
other. Use may_see_all_namespaces() helper that centralizes this policy
until the nstree adapts.
Published: 2026-05-08
Score: n/a
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability stems from an insufficient permission check when opening namespace handles in the Linux nsfs filesystem. Based on the description, privileged services are able to open handles to other privileged services' namespaces, which they should not be able to. This results in unintended visibility of namespace information, effectively leaking metadata about other services' namespaces. The issue is an example of improper access control and a permission or privilege issue (CWE‑1220).

Affected Systems

All Linux kernel installations that have not yet applied the fix are affected. The change is identified in the kernel source, and any kernel version preceding that commit may allow the described permission bypass. Linux is the vendor, and the product is the Linux kernel, although no specific version range is listed.

Risk and Exploitability

The lack of an EPSS score and KEV listing indicates that no widespread exploitation is known, but the vulnerability still poses a risk to environments where multiple privileged services coexist. An attacker with the ability to launch a privileged service could gather information about other services, potentially aiding further attacks. The exploitation path requires kernel privilege; therefore the risk is moderate but non‑negligible for production systems.

Generated by OpenCVE AI on May 9, 2026 at 03:52 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade to a Linux kernel version that incorporates the nsfs permission check fix.
  • Ensure that services with elevated capabilities are granted only the minimal permissions necessary and do not run with full CAP_SYS_ADMIN unless required.
  • Regularly audit namespace configurations and restrict cross‑namespace visibility using cgroup and namespace isolation practices.

Generated by OpenCVE AI on May 9, 2026 at 03:52 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Sat, 09 May 2026 02:45:00 +0000

Type Values Removed Values Added
Weaknesses CWE-284

Sat, 09 May 2026 00:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-1220
References

Fri, 08 May 2026 17:30:00 +0000

Type Values Removed Values Added
Weaknesses CWE-284

Fri, 08 May 2026 14:45:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: nsfs: tighten permission checks for handle opening Even privileged services should not necessarily be able to see other privileged service's namespaces so they can't leak information to each other. Use may_see_all_namespaces() helper that centralizes this policy until the nstree adapts.
Title nsfs: tighten permission checks for handle opening
First Time appeared Linux
Linux linux Kernel
CPEs cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products Linux
Linux linux Kernel
References

Subscriptions

Linux Linux Kernel
cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2026-05-08T14:21:36.012Z

Reserved: 2026-05-01T14:12:56.007Z

Link: CVE-2026-43391

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Received

Published: 2026-05-08T15:16:50.490

Modified: 2026-05-08T15:16:50.490

Link: CVE-2026-43391

cve-icon Redhat

Severity :

Publid Date: 2026-05-08T00:00:00Z

Links: CVE-2026-43391 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-05-09T04:00:14Z

Weaknesses