Vulnerabilities ›

CVE-2026-43127

Medium

CWE-667 — Weakness Type

                    Published: May 6, 2026                      ·  Modified: May 9, 2026                      ·  Source: NVD                

CVSS v3

5.5

🔗 NVD Official

📄 Description (English)

In the Linux kernel, the following vulnerability has been resolved:

ntfs3: fix circular locking dependency in run_unpack_ex

Syzbot reported a circular locking dependency between wnd->rw_lock
(sbi->used.bitmap) and ni->file.run_lock.

The deadlock scenario:
1. ntfs_extend_mft() takes ni->file.run_lock then wnd->rw_lock.
2. run_unpack_ex() takes wnd->rw_lock then tries to acquire
ni->file.run_lock inside ntfs_refresh_zone().

This creates an AB-BA deadlock.

Fix this by using down_read_trylock() instead of down_read() when
acquiring run_lock in run_unpack_ex(). If the lock is contended,
skip ntfs_refresh_zone() - the MFT zone will be refreshed on the
next MFT operation. This breaks the circular dependency since we
never block waiting for run_lock while holding wnd->rw_lock.

🤖 AI Executive Summary

A circular locking dependency vulnerability in the Linux kernel's NTFS3 filesystem driver allows potential deadlock conditions between wnd->rw_lock and ni->file.run_lock. The vulnerability is resolved by using non-blocking lock acquisition to prevent the AB-BA deadlock scenario.

📄 Description (Arabic)

تم اكتشاف ثغرة حلقة دائرية في قفل في برنامج تشغيل نظام ملفات NTFS3 بنواة Linux حيث يمكن أن يحدث جمود (deadlock) بين وحدات القفل المختلفة. يتم إصلاح المشكلة باستخدام محاولة قفل غير محجوبة لتجنب سيناريو الجمود AB-BA.

🤖 ملخص تنفيذي (AI)

🤖 AI Intelligence Analysis Analyzed: May 25, 2026 14:31

🇸🇦 Saudi Arabia Impact Assessment

Saudi Relevance: medium

🏢 Affected Saudi Sectors

government telecom energy

🎯 MITRE ATT&CK Techniques

T1499.004

⚖️ Saudi Risk Score (AI)

5.0

/ 10.0

🔧 Remediation Steps (English)

Update the Linux kernel to the latest patched version that includes the fix for CVE-2026-43127. Apply the patch that modifies run_unpack_ex() to use down_read_trylock() instead of down_read() when acquiring run_lock, allowing graceful handling of lock contention without blocking.

🔧 خطوات المعالجة (العربية)

قم بتحديث نواة Linux إلى أحدث إصدار مصحح يتضمن إصلاح CVE-2026-43127. طبق التصحيح الذي يعدل run_unpack_ex() لاستخدام down_read_trylock() بدلاً من down_read() عند الحصول على run_lock، مما يسمح بمعالجة آمنة لتنازع الأقفال دون حجب.

📋 Regulatory Compliance Mapping

🟢 NCA ECC 2024

ECC-2.1

🟡 ISO 27001:2022

A.12.6.1

🔗 References & Sources 3

🔗

https://git.kernel.org/stable/c/08ce2fee1b869ecbfbd94e0eb2630e52203a2e03

416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

🔗

https://git.kernel.org/stable/c/b014372b62237521444ee51384549bdf48b79015

416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

🔗

https://git.kernel.org/stable/c/b8d22d9d8260b0f4f4d8e2898c98037c9982ea66

416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

📦 Affected Products / CPE 2 entries

linux:linux_kernel

📊 CVSS Score

5.5

/ 10.0 — Medium

📊 CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Attack VectorL — Low / Local

Attack ComplexityL — Low / Local

Privileges RequiredL — Low / Local

User InteractionN — None / Network

ScopeU — Unchanged

ConfidentialityN — None / Network

IntegrityN — None / Network

AvailabilityH — High

📋 Quick Facts

Severity Medium

CVSS Score5.5

CWECWE-667

EPSS0.01%

Exploit No

Patch ✓ Yes

Published 2026-05-06

Source Feed nvd

🇸🇦 Saudi Risk Score

5.0

/ 10.0 — Saudi Risk

Priority: MEDIUM

🏷️ Tags

patch-available CWE-667

⚡ Actions

🔗 NVD Official Page ⚡ Exploit-DB Search 🐙 GitHub PoC Search 🎯 MITRE ATT&CK 📊 CVE Details

CVE-2026-43127

Introduce Yourself

Sign In Required