CVE-2026-43245

EUVD-2026-27806
In the Linux kernel, the following vulnerability has been resolved:

ntfs: ->d_compare() must not block

... so don't use __getname() there.  Switch it (and ntfs_d_hash(), while
we are at it) to kmalloc(PATH_MAX, GFP_NOWAIT).  Yes, ntfs_d_hash()
almost certainly can do with smaller allocations, but let ntfs folks
deal with that - keep the allocation size as-is for now.

Stop abusing names_cachep in ntfs, period - various uses of that thing
in there have nothing to do with pathnames; just use k[mz]alloc() and
be done with that.  For now let's keep sizes as-in, but AFAICS none of
the users actually want PATH_MAX.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 34%
Affected Products (NVD)
VendorProductVersion
linuxlinux_kernel
6.2 ≤
𝑥
< 6.18.16
linuxlinux_kernel
6.19 ≤
𝑥
< 6.19.6
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
linux
bookworm
6.1.170-3
fixed
bookworm (security)
6.1.174-1
fixed
bullseye
5.10.223-1
fixed
bullseye (security)
5.10.257-1
fixed
forky
7.0.12-2
fixed
sid
7.0.13-1
fixed
trixie
vulnerable
trixie (security)
6.12.94-1
fixed
Amazon Linux logo
Amazon Linux Releases
Amazon Package
Release
bpftool6.18
Amazon Linux 2023
1:6.18.16-18.222.amzn2023
fixed
bpftool6.18-debuginfo
Amazon Linux 2023
1:6.18.16-18.222.amzn2023
fixed
kernel-livepatch-6.18.16-18.222
Amazon Linux 2023
1:1.0-0.amzn2023
fixed
kernel6.18
Amazon Linux 2023
1:6.18.16-18.222.amzn2023
fixed
kernel6.18-debuginfo
Amazon Linux 2023
1:6.18.16-18.222.amzn2023
fixed
kernel6.18-debuginfo-common-aarch64
Amazon Linux 2023
1:6.18.16-18.222.amzn2023
fixed
kernel6.18-debuginfo-common-x86_64
Amazon Linux 2023
1:6.18.16-18.222.amzn2023
fixed
kernel6.18-devel
Amazon Linux 2023
1:6.18.16-18.222.amzn2023
fixed
kernel6.18-headers
Amazon Linux 2023
1:6.18.16-18.222.amzn2023
fixed
kernel6.18-libbpf
Amazon Linux 2023
1:6.18.16-18.222.amzn2023
fixed
kernel6.18-libbpf-debuginfo
Amazon Linux 2023
1:6.18.16-18.222.amzn2023
fixed
kernel6.18-libbpf-devel
Amazon Linux 2023
1:6.18.16-18.222.amzn2023
fixed
kernel6.18-libbpf-static
Amazon Linux 2023
1:6.18.16-18.222.amzn2023
fixed
kernel6.18-modules-extra
Amazon Linux 2023
1:6.18.16-18.222.amzn2023
fixed
kernel6.18-modules-extra-common
Amazon Linux 2023
1:6.18.16-18.222.amzn2023
fixed
kernel6.18-tools
Amazon Linux 2023
1:6.18.16-18.222.amzn2023
fixed
kernel6.18-tools-debuginfo
Amazon Linux 2023
1:6.18.16-18.222.amzn2023
fixed
kernel6.18-tools-devel
Amazon Linux 2023
1:6.18.16-18.222.amzn2023
fixed
perf6.18
Amazon Linux 2023
1:6.18.16-18.222.amzn2023
fixed
perf6.18-debuginfo
Amazon Linux 2023
1:6.18.16-18.222.amzn2023
fixed
python3-perf6.18
Amazon Linux 2023
1:6.18.16-18.222.amzn2023
fixed
python3-perf6.18-debuginfo
Amazon Linux 2023
1:6.18.16-18.222.amzn2023
fixed
Vulnerability Media Exposure
References
https://git.kernel.org/stable/c/02ecc0978c459fd90bb24b2a946dd16d43e68fe5
https://git.kernel.org/stable/c/142c444a395f4d26055c8a4473e228bb86283f1e
https://git.kernel.org/stable/c/1be7ca86ce1794d966fda5d82181bc978b150fbc
https://git.kernel.org/stable/c/ca2a04e84af79596e5cd9cfe697d5122ec39c8ce
https://git.kernel.org/stable/c/fb4b1f969ba01fa1d4088467a02fc1e5f0806710