HOMEVULNERABILITIESCVE-2026-43349
NONE

CVE-2026-43349

Published: May 8, 2026· Updated: May 12, 2026

EPSS:0.02%probability of exploitation in 30 daysPercentile:4.1th

Official Description

In the Linux kernel, the following vulnerability has been resolved:

f2fs: fix to avoid uninit-value access in f2fs_sanity_check_node_footer

syzbot reported a f2fs bug as below:

BUG: KMSAN: uninit-value in f2fs_sanity_check_node_footer+0x374/0xa20 fs/f2fs/node.c:1520

f2fs_sanity_check_node_footer+0x374/0xa20 fs/f2fs/node.c:1520

f2fs_finish_read_bio+0xe1e/0x1d60 fs/f2fs/data.c:177

f2fs_read_end_io+0x6ab/0x2220 fs/f2fs/data.c:-1

bio_endio+0x1006/0x1160 block/bio.c:1792

submit_bio_noacct+0x533/0x2960 block/blk-core.c:891

submit_bio+0x57a/0x620 block/blk-core.c:926

blk_crypto_submit_bio include/linux/blk-crypto.h:203 [inline]

f2fs_submit_read_bio+0x12c/0x360 fs/f2fs/data.c:557

f2fs_submit_page_bio+0xee2/0x1450 fs/f2fs/data.c:775

read_node_folio+0x384/0x4b0 fs/f2fs/node.c:1481

__get_node_folio+0x5db/0x15d0 fs/f2fs/node.c:1576

f2fs_get_inode_folio+0x40/0x50 fs/f2fs/node.c:1623

do_read_inode fs/f2fs/inode.c:425 [inline]

f2fs_iget+0x1209/0x9380 fs/f2fs/inode.c:596

f2fs_fill_super+0x8f5a/0xb2e0 fs/f2fs/super.c:5184

get_tree_bdev_flags+0x6e6/0x920 fs/super.c:1694

get_tree_bdev+0x38/0x50 fs/super.c:1717

f2fs_get_tree+0x35/0x40 fs/f2fs/super.c:5436

vfs_get_tree+0xb3/0x5d0 fs/super.c:1754

fc_mount fs/namespace.c:1193 [inline]

do_new_mount_fc fs/namespace.c:3763 [inline]

do_new_mount+0x885/0x1dd0 fs/namespace.c:3839

path_mount+0x7a2/0x20b0 fs/namespace.c:4159

do_mount fs/namespace.c:4172 [inline]

__do_sys_mount fs/namespace.c:4361 [inline]

__se_sys_mount+0x704/0x7f0 fs/namespace.c:4338

__x64_sys_mount+0xe4/0x150 fs/namespace.c:4338

x64_sys_call+0x39f0/0x3ea0 arch/x86/include/generated/asm/syscalls_64.h:166

do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]

do_syscall_64+0x134/0xf80 arch/x86/entry/syscall_64.c:94

entry_SYSCALL_64_after_hwframe+0x77/0x7f

The root cause is: in f2fs_finish_read_bio(), we may access uninit data

in folio if we failed to read the data from device into folio, let's add

a check condition to avoid such issue.

NVD Source

Technical Analysis

CVE-2026-43349 requires local access, meaning attackers must already have a foothold on the target system.

Exploitation requires some privileges, which limits the exposure to scenarios where an attacker has already gained initial access.

Affected Vendors & Products

Mentioned vendors (from description):
Linux
CPE data not yet available in NVD for this CVE.

Exploit & PoC Resources

NO KNOWN EXPLOITNo public exploit confirmed at this time
External links open in a new tab. Always verify in a controlled environment before use.

All References (3)

Quick Facts

CVE IDCVE-2026-43349
SeverityNONE
CISA KEVNo
EPSS (30d)0.02%
PublishedMay 8, 2026

Recommended Actions

  • Apply vendor patches immediately
  • Monitor CVE-2026-43349 in threat intel feeds
  • Review IDS/IPS signatures for exploitation attempts
Data sourced from NVD (NIST), CISA KEV, and EPSS (FIRST). Analysis generated by CTIWATCH.COM. CVE data is provided under the NVD usage policy.