CVE-2026-43390 PUBLISHED

nstree: tighten permission checks for listing

Assigner: Linux
Reserved: 01.05.2026 Published: 08.05.2026 Updated: 08.05.2026

In the Linux kernel, the following vulnerability has been resolved:

nstree: tighten permission checks for listing

Even privileged services should not necessarily be able to see other privileged service's namespaces so they can't leak information to each other. Use may_see_all_namespaces() helper that centralizes this policy until the nstree adapts.

Product Status

Vendor	Linux
Product	Linux
Versions	Default: unaffected affected from 76b6f5dfb3fda76fce1f9990d6fa58adc711122b to 0abd81645fc95ec6a9d4e4813000f22c5efc0ff4 (excl.) affected from 76b6f5dfb3fda76fce1f9990d6fa58adc711122b to 8d76afe84fa2babf604b3c173730d4d2b067e361 (excl.)

Vendor	Linux
Product	Linux
Versions	Default: affected Version 6.19 is affected unaffected from 0 to 6.19 (excl.) unaffected from 6.19.9 to 6.19.* (incl.) unaffected from 7.0 to * (incl.)

References

https://git.kernel.org/stable/c/0abd81645fc95ec6a9d4e4813000f22c5efc0ff4
https://git.kernel.org/stable/c/8d76afe84fa2babf604b3c173730d4d2b067e361