{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-43168", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2026-05-01T14:12:55.990Z", "datePublished": "2026-05-06T11:27:44.570Z", "dateUpdated": "2026-05-06T11:27:44.570Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2026-05-06T11:27:44.570Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nocfs2: fix reflink preserve cleanup issue\n\ncommit c06c303832ec (\"ocfs2: fix xattr array entry __counted_by error\")\ndoesn't handle all cases and the cleanup job for preserved xattr entries\nstill has bug:\n- the 'last' pointer should be shifted by one unit after cleanup\n an array entry.\n- current code logic doesn't cleanup the first entry when xh_count is 1.\n\nNote, commit c06c303832ec is also a bug fix for 0fe9b66c65f3."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["fs/ocfs2/xattr.c"], "versions": [{"version": "0fe9b66c65f3ff227da45381afe7612f91e32740", "lessThan": "c44d86ca949cb1e5566ad14510cc26fa1a17e2d8", "status": "affected", "versionType": "git"}, {"version": "0fe9b66c65f3ff227da45381afe7612f91e32740", "lessThan": "02acc9f72365e50eb45a56b7dacb9114ca3b503c", "status": "affected", "versionType": "git"}, {"version": "0fe9b66c65f3ff227da45381afe7612f91e32740", "lessThan": "8ff329353134280b203cb2bce95311cb8f7cbd8a", "status": "affected", "versionType": "git"}, {"version": "0fe9b66c65f3ff227da45381afe7612f91e32740", "lessThan": "bb273b68c1719c2925e05557f7e7099edb066680", "status": "affected", "versionType": "git"}, {"version": "0fe9b66c65f3ff227da45381afe7612f91e32740", "lessThan": "b2952dbeac2c3c527cb0519d5ffaeb95b062466a", "status": "affected", "versionType": "git"}, {"version": "0fe9b66c65f3ff227da45381afe7612f91e32740", "lessThan": "3bdc3766aafb052aef4baadef455a84c1c0a059d", "status": "affected", "versionType": "git"}, {"version": "0fe9b66c65f3ff227da45381afe7612f91e32740", "lessThan": "2f4daccd9d9b8b2952df7878df8c2e8ba6439398", "status": "affected", "versionType": "git"}, {"version": "0fe9b66c65f3ff227da45381afe7612f91e32740", "lessThan": "5138c936c2c82c9be8883921854bc6f7e1177d8c", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["fs/ocfs2/xattr.c"], "versions": [{"version": "2.6.32", "status": "affected"}, {"version": "0", "lessThan": "2.6.32", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.252", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.202", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.165", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.128", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.12.75", "lessThanOrEqual": "6.12.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.18.16", "lessThanOrEqual": "6.18.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.19.6", "lessThanOrEqual": "6.19.*", "status": "unaffected", "versionType": "semver"}, {"version": "7.0", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.32", "versionEndExcluding": "5.10.252"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.32", "versionEndExcluding": "5.15.202"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.32", "versionEndExcluding": "6.1.165"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.32", "versionEndExcluding": "6.6.128"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.32", "versionEndExcluding": "6.12.75"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.32", "versionEndExcluding": "6.18.16"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.32", "versionEndExcluding": "6.19.6"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.32", "versionEndExcluding": "7.0"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/c44d86ca949cb1e5566ad14510cc26fa1a17e2d8"}, {"url": "https://git.kernel.org/stable/c/02acc9f72365e50eb45a56b7dacb9114ca3b503c"}, {"url": "https://git.kernel.org/stable/c/8ff329353134280b203cb2bce95311cb8f7cbd8a"}, {"url": "https://git.kernel.org/stable/c/bb273b68c1719c2925e05557f7e7099edb066680"}, {"url": "https://git.kernel.org/stable/c/b2952dbeac2c3c527cb0519d5ffaeb95b062466a"}, {"url": "https://git.kernel.org/stable/c/3bdc3766aafb052aef4baadef455a84c1c0a059d"}, {"url": "https://git.kernel.org/stable/c/2f4daccd9d9b8b2952df7878df8c2e8ba6439398"}, {"url": "https://git.kernel.org/stable/c/5138c936c2c82c9be8883921854bc6f7e1177d8c"}], "title": "ocfs2: fix reflink preserve cleanup issue", "x_generator": {"engine": "bippy-1.2.0"}}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nocfs2: fix reflink preserve cleanup issue\n\ncommit c06c303832ec (\"ocfs2: fix xattr array entry __counted_by error\")\ndoesn't handle all cases and the cleanup job for preserved xattr entries\nstill has bug:\n- the 'last' pointer should be shifted by one unit after cleanup\n an array entry.\n- current code logic doesn't cleanup the first entry when xh_count is 1.\n\nNote, commit c06c303832ec is also a bug fix for 0fe9b66c65f3."}], "id": "CVE-2026-43168", "lastModified": "2026-05-06T13:07:51.607", "metrics": {}, "published": "2026-05-06T12:16:35.060", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/02acc9f72365e50eb45a56b7dacb9114ca3b503c"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/2f4daccd9d9b8b2952df7878df8c2e8ba6439398"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/3bdc3766aafb052aef4baadef455a84c1c0a059d"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/5138c936c2c82c9be8883921854bc6f7e1177d8c"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/8ff329353134280b203cb2bce95311cb8f7cbd8a"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/b2952dbeac2c3c527cb0519d5ffaeb95b062466a"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/bb273b68c1719c2925e05557f7e7099edb066680"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/c44d86ca949cb1e5566ad14510cc26fa1a17e2d8"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Awaiting Analysis"}

{"bugzilla": {"description": "kernel: ocfs2: fix reflink preserve cleanup issue", "id": "2467232", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2467232"}, "csaw": false, "cwe": "CWE-911", "details": ["A flaw was found in the Linux kernel's Oracle Cluster File System version 2 (ocfs2). This vulnerability arises from an issue in the reflink preserve cleanup process, where the system incorrectly handles extended attribute (xattr) entries. The cleanup logic fails to properly manage pointers and clean up the first entry under specific conditions. This could potentially lead to data integrity problems or system instability."], "name": "CVE-2026-43168", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2026-05-06T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-43168\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-43168\nhttps://lore.kernel.org/linux-cve-announce/2026050634-CVE-2026-43168-3cc3@gregkh/T"]}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[0fe9b66c65f3ff227da45381afe7612f91e32740,c44d86ca949cb1e5566ad14510cc26fa1a17e2d8)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[0fe9b66c65f3ff227da45381afe7612f91e32740,02acc9f72365e50eb45a56b7dacb9114ca3b503c)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[0fe9b66c65f3ff227da45381afe7612f91e32740,8ff329353134280b203cb2bce95311cb8f7cbd8a)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[0fe9b66c65f3ff227da45381afe7612f91e32740,bb273b68c1719c2925e05557f7e7099edb066680)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[0fe9b66c65f3ff227da45381afe7612f91e32740,b2952dbeac2c3c527cb0519d5ffaeb95b062466a)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[0fe9b66c65f3ff227da45381afe7612f91e32740,3bdc3766aafb052aef4baadef455a84c1c0a059d)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[0fe9b66c65f3ff227da45381afe7612f91e32740,2f4daccd9d9b8b2952df7878df8c2e8ba6439398)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[0fe9b66c65f3ff227da45381afe7612f91e32740,5138c936c2c82c9be8883921854bc6f7e1177d8c)"}}], "enrichment": {"confidence": 99.0, "confidence_source": "inferred", "scores": [{"score": 99.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "Linux", "source": "cna", "vendor": "Linux"}, "product": "linux_kernel", "vendor": "linux"}, {"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "2.6.32"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[0,2.6.32)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[5.10.252,5.11.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[5.15.202,5.16.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[6.1.165,6.2.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[6.6.128,6.7.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[6.12.75,6.13.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[6.18.16,6.19.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[6.19.6,6.20.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "generic", "value": "[7.0,*]"}}], "enrichment": {"confidence": 99.0, "confidence_source": "inferred", "scores": [{"score": 99.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "Linux", "source": "cna", "vendor": "Linux"}, "product": "linux_kernel", "vendor": "linux"}], "created": "2026-05-06T15:45:06.100432+00:00", "updated": "2026-05-06T15:45:06.326519+00:00", "vendors": ["linux", "linux$PRODUCT$linux_kernel"], "weaknesses": ["CWE-416", "CWE-665"]}