CVE-2026-43390

In the Linux kernel, the following vulnerability has been resolved: nstree: tighten permission checks for listing Even privileged services should not necessarily be able to see other privileged service's namespaces so they can't leak information to each other. Use may_see_all_namespaces() helper t...

medium 5.5 CVSS 3.1

Published: May 8, 2026

Modified: May 26, 2026

Vendor: Linux

Product: Linux Kernel

Versions: 7.0

Description

In the Linux kernel, the following vulnerability has been resolved:

nstree: tighten permission checks for listing

Even privileged services should not necessarily be able to see other
privileged service's namespaces so they can't leak information to each
other. Use may_see_all_namespaces() helper that centralizes this policy
until the nstree adapts.

References

https://git.kernel.org/stable/c/0abd81645fc95ec6a9d4e4813000f22c5efc0ff4
https://git.kernel.org/stable/c/8d76afe84fa2babf604b3c173730d4d2b067e361

Related CVEs

CVSS Breakdown

Version	3.1
Score	5.5 / 10
Severity	medium

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected Product

Vendor	Linux
Product	Linux Kernel
Versions	7.0