Vulnerabilities ›

CVE-2026-43228

Medium

CWE-617 — Weakness Type

                    Published: May 6, 2026                      ·  Modified: May 9, 2026                      ·  Source: NVD                

CVSS v3

5.5

🔗 NVD Official

📄 Description (English)

In the Linux kernel, the following vulnerability has been resolved:

hfs: Replace BUG_ON with error handling for CNID count checks

In a06ec283e125 next_id, folder_count, and file_count in the super block
info were expanded to 64 bits, and BUG_ONs were added to detect
overflow. This triggered an error reported by syzbot: if the MDB is
corrupted, the BUG_ON is triggered. This patch replaces this mechanism
with proper error handling and resolves the syzbot reported bug.

Singed-off-by: Jori Koolstra <jkoolstra@xs4all.nl>

🤖 AI Executive Summary

CVE-2026-43228 addresses a vulnerability in the Linux kernel's HFS filesystem implementation where BUG_ON assertions could be triggered by corrupted MDB (Master Directory Block) data, causing kernel panics. The fix replaces these assertions with proper error handling to gracefully manage corrupted filesystem metadata.

📄 Description (Arabic)

تؤثر هذه الثغرة على برنامج تشغيل نظام ملفات HFS في نوى Linux حيث يمكن لبيانات MDB التالفة أن تؤدي إلى توقف النواة من خلال تأكيدات BUG_ON. يتم حل الثغرة بتطبيق معالجة أخطاء مناسبة بدلاً من التأكيدات لكشف فيض عدد CNID.

🤖 ملخص تنفيذي (AI)

This CVE affects the HFS filesystem driver in Linux kernels, where corrupted filesystem metadata can trigger kernel panics through BUG_ON assertions. The vulnerability is resolved by implementing proper error handling instead of assertions for CNID count overflow detection.

🤖 AI Intelligence Analysis Analyzed: May 25, 2026 14:31

🇸🇦 Saudi Arabia Impact Assessment

Saudi Relevance: medium

🏢 Affected Saudi Sectors

government telecom energy

🎯 MITRE ATT&CK Techniques

T1499 T1561

⚖️ Saudi Risk Score (AI)

5.0

/ 10.0

🔧 Remediation Steps (English)

Update the Linux kernel to a patched version that includes proper error handling for HFS filesystem CNID count checks instead of BUG_ON assertions. Organizations should apply kernel security updates from their distribution maintainers and verify filesystem integrity tools are available for detecting corrupted HFS metadata.

🔧 خطوات المعالجة (العربية)

قم بتحديث نواة Linux إلى إصدار مصحح يتضمن معالجة أخطاء مناسبة لفحوصات عدد CNID في نظام ملفات HFS بدلاً من تأكيدات BUG_ON. يجب على المؤسسات تطبيق تحديثات أمان النواة من موزعي التوزيعات الخاصة بهم والتحقق من توفر أدوات التحقق من سلامة نظام الملفات.

📋 Regulatory Compliance Mapping

🟢 NCA ECC 2024

A1 A2

🔵 SAMA CSF

ID.BE-1 PR.IP-1

🟡 ISO 27001:2022

A.12.2.1 A.12.6.1

🔗 References & Sources 2

🔗

https://git.kernel.org/stable/c/b226804532a875c10276168dc55ce752944096bd

416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

🔗

https://git.kernel.org/stable/c/b6536c1ced315fa645576d3a39c6e07f2a472962

416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

📦 Affected Products / CPE 1 entries

linux:linux_kernel

📊 CVSS Score

5.5

/ 10.0 — Medium

📊 CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Attack VectorL — Low / Local

Attack ComplexityL — Low / Local

Privileges RequiredL — Low / Local

User InteractionN — None / Network

ScopeU — Unchanged

ConfidentialityN — None / Network

IntegrityN — None / Network

AvailabilityH — High

📋 Quick Facts

Severity Medium

CVSS Score5.5

CWECWE-617

EPSS0.01%

Exploit No

Patch ✓ Yes

Published 2026-05-06

Source Feed nvd

🇸🇦 Saudi Risk Score

5.0

/ 10.0 — Saudi Risk

Priority: MEDIUM

🏷️ Tags

patch-available CWE-617

⚡ Actions

🔗 NVD Official Page ⚡ Exploit-DB Search 🐙 GitHub PoC Search 🎯 MITRE ATT&CK 📊 CVE Details

CVE-2026-43228

Introduce Yourself

Sign In Required