CVE-2026-43209
Linux Kernel Minix Filesystem Sanity Check Bypass
Publication date: 2026-05-06
Last updated on: 2026-05-06
Assigner: kernel.org
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| minix | minix | * |
| linux_kernel | minix | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is related to the Linux kernel's implementation of the Minix filesystem. Specifically, the function minix_check_superblock() lacked necessary sanity checks for certain fields in the Minix superblock. The filesystem only supports a value of 0 for the s_log_zone_size field, but previously there was no validation enforcing this. The patch adds required sanity checking to ensure that unsupported or unexpected values are not accepted, which helps prevent potential issues caused by malformed or malicious superblock data.
How can this vulnerability impact me? :
Without proper sanity checks in the Minix filesystem superblock, there is a risk that malformed or malicious filesystem metadata could cause unexpected behavior in the Linux kernel. This could potentially lead to system instability, crashes, or other unintended effects when accessing or mounting Minix filesystems. By adding these checks, the vulnerability reduces the risk of such issues.