Description
In the Linux kernel, the following vulnerability has been resolved:

nsfs: tighten permission checks for ns iteration ioctls

Even privileged services should not necessarily be able to see other
privileged service's namespaces so they can't leak information to each
other. Use may_see_all_namespaces() helper that centralizes this policy
until the nstree adapts.
Published: 2026-05-08
Score: 7.0 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The Linux kernel previously allowed namespace‑iteration ioctl calls to expose the names of other privileged services’ namespaces. The patch tightens permission checks, preventing privileged services from inadvertently seeing or inferring information about namespaces belonging to other privileged processes. This change reduces the risk of metadata leakage that could aid in further local attacks. The vulnerability is an example of improper access control that can be used to obtain unintended information.

Affected Systems

All Linux kernel builds prior to the inclusion of the patch are affected. The patch is included in recent kernel releases; no specific version range was provided in the advisory.

Risk and Exploitability

The CVSS score of 7.0 indicates high severity. The EPSS score is not available, and it is not listed in the CISA KEV catalog. Based on the description, the likely attack vector is local and would require the attacker to run privileged code that can issue the namespace‑iteration ioctls. Because the vulnerability exists only for privileged services and the fix is a permission check, exploitation is non‑trivial and likely limited to scenarios where the attacker can activate or modify privileged services.

Generated by OpenCVE AI on May 9, 2026 at 05:53 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade the Linux kernel to a version that includes the nsfs permission check fix.
  • If a kernel upgrade is not feasible, apply the upstream patch from the commit series starting at 0ad650e60150eda7 to the current kernel source and rebuild.
  • Review and restrict namespace exposure for privileged services, ensuring that only necessary namespaces are visible to each process, and disable unused namespace interfaces when possible.

Generated by OpenCVE AI on May 9, 2026 at 05:53 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Sat, 09 May 2026 03:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-284
CWE-732

Sat, 09 May 2026 00:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-280
References
Metrics threat_severity

None

 cvssV3_1

{'score': 7.0, 'vector': 'CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H'}

threat_severity

Moderate

Fri, 08 May 2026 17:30:00 +0000

Type Values Removed Values Added
Weaknesses CWE-284
CWE-732

Fri, 08 May 2026 14:45:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: nsfs: tighten permission checks for ns iteration ioctls Even privileged services should not necessarily be able to see other privileged service's namespaces so they can't leak information to each other. Use may_see_all_namespaces() helper that centralizes this policy until the nstree adapts.
Title nsfs: tighten permission checks for ns iteration ioctls
First Time appeared Linux
Linux linux Kernel
CPEs cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products Linux
Linux linux Kernel
References

Subscriptions

Linux Linux Kernel
cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2026-05-08T14:21:44.204Z

Reserved: 2026-05-01T14:12:56.007Z

Link: CVE-2026-43403

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Received

Published: 2026-05-08T15:16:51.783

Modified: 2026-05-08T15:16:51.783

Link: CVE-2026-43403

cve-icon Redhat

Severity : Moderate

Publid Date: 2026-05-08T00:00:00Z

Links: CVE-2026-43403 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-05-09T06:00:12Z

Weaknesses