ByteOS Network

NVD Vulnerability Details :

CVE-2026-43228

Analyzed

Source-416baaa9-dc9f-4396-8d5f-8c081fb06d67

Published At-06 May, 2026 | 12:16

Updated At-08 May, 2026 | 21:16

In the Linux kernel, the following vulnerability has been resolved: hfs: Replace BUG_ON with error handling for CNID count checks In a06ec283e125 next_id, folder_count, and file_count in the super block info were expanded to 64 bits, and BUG_ONs were added to detect overflow. This triggered an error reported by syzbot: if the MDB is corrupted, the BUG_ON is triggered. This patch replaces this mechanism with proper error handling and resolves the syzbot reported bug. Singed-off-by: Jori Koolstra <jkoolstra@xs4all.nl>

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Primary	3.1	5.5	MEDIUM	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Type: Primary

Version: 3.1

Base score: 5.5

Base severity: MEDIUM

Vector:

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CPE Matches

Linux Kernel Organization, Inc

>>linux_kernel>>Versions from 6.18(inclusive) to 6.19.6(exclusive)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
CWE-617	Primary	nvd@nist.gov

CWE ID: CWE-617

Type: Primary

Source: nvd@nist.gov

References

Hyperlink	Source	Resource
https://git.kernel.org/stable/c/b226804532a875c10276168dc55ce752944096bd	416baaa9-dc9f-4396-8d5f-8c081fb06d67	Patch
https://git.kernel.org/stable/c/b6536c1ced315fa645576d3a39c6e07f2a472962	416baaa9-dc9f-4396-8d5f-8c081fb06d67	Patch

Hyperlink: https://git.kernel.org/stable/c/b226804532a875c10276168dc55ce752944096bd

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Resource:

Patch

Hyperlink: https://git.kernel.org/stable/c/b6536c1ced315fa645576d3a39c6e07f2a472962

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Resource:

Patch

CISA Catalog

Metrics

CPE Matches

Weaknesses

Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References

Change History