Cyber Resilience

CVE-2026-43403

High

Published: 08 May 2026

Published
08 May 2026
Modified
21 May 2026
KEV Added
Patch
CVSS Score v3.1 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
EPSS Score 0.0013 2.9th percentile
Risk Priority 55 floored blend · peak EPSS

Summary

CVE-2026-43403 is a high-severity an unspecified weakness vulnerability in Linux Linux Kernel. Its CVSS base score is 8.8 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique System Information Discovery (T1082); ranked at the 2.9th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

EU & UK References

Vulnerability details

In the Linux kernel, the following vulnerability has been resolved: nsfs: tighten permission checks for ns iteration ioctls Even privileged services should not necessarily be able to see other privileged service's namespaces so they can't leak information to each other.…

more

Use may_see_all_namespaces() helper that centralizes this policy until the nstree adapts.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1082 System Information Discovery Discovery
An adversary may attempt to get detailed information about the operating system and hardware, including version, patches, hotfixes, service packs, and architecture.
T1613 Container and Resource Discovery Discovery
Adversaries may attempt to discover containers and other resources that are available within a containers environment.
Why these techniques?

Insufficient nsfs ioctl permission checks enable unauthorized namespace enumeration, directly facilitating system/container resource discovery.

Confidence: MEDIUM · MITRE ATT&CK Enterprise v19.0

Affected Assets

linux
linux kernel
7.0 · 6.12 — 6.12.78 · 6.13 — 6.18.20 · 6.19 — 6.19.9

Mitigating Controls

No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.

References