HIGH

CVE-2026-43365

Published: May 8, 2026 · Updated: May 12, 2026

CVSS v3.1 base score: 8.2
EPSS: 0.05% probability of exploitation in 30 days (16.5th percentile)

Official Description

In the Linux kernel, the following vulnerability has been resolved:

xfs: fix undersized l_iclog_roundoff values

If the superblock doesn't list a log stripe unit, we set the incore log roundoff value to 512. This leads to corrupt logs and unmountable filesystems in generic/617 on a disk with 4k physical sectors...

XFS (sda1): Mounting V5 Filesystem ff3121ca-26e6-4b77-b742-aaff9a449e1c
XFS (sda1): Torn write (CRC failure) detected at log block 0x318e. Truncating head block from 0x3197.
XFS (sda1): failed to locate log tail
XFS (sda1): log mount/recovery failed: error -74
XFS (sda1): log mount failed
XFS (sda1): Mounting V5 Filesystem ff3121ca-26e6-4b77-b742-aaff9a449e1c
XFS (sda1): Ending clean mount

...on the current xfsprogs for-next which has a broken mkfs. xfs_info shows this...

meta-data=/dev/sda1              isize=512    agcount=4, agsize=644992 blks
         =                       sectsz=4096  attr=2, projid32bit=1
         =                       crc=1        finobt=1, sparse=1, rmapbt=1
         =                       reflink=1    bigtime=1 inobtcount=1 nrext64=1
         =                       exchange=1   metadir=1
data     =                       bsize=4096   blocks=2579968, imaxpct=25
         =                       sunit=0      swidth=0 blks
naming   =version 2              bsize=4096   ascii-ci=0, ftype=1, parent=1
log      =internal log           bsize=4096   blocks=16384, version=2
         =                       sectsz=4096  sunit=0 blks, lazy-count=1
realtime =none                   extsz=4096   blocks=0, rtextents=0
         =                       rgcount=0    rgsize=268435456 extents
         =                       zoned=0      start=0 reserved=0

...observe that the log section has sectsz=4096 sunit=0, which means that the roundoff factor is 512, not 4096 as you'd expect. We should fix mkfs not to generate broken filesystems, but anyone can fuzz the ondisk superblock so we should be more cautious. I think the inadequate logic predates commit a6a65fef5ef8d0, but that's clearly going to require a different backport.

Source: NVD

Technical Analysis

NVD's vector for CVE-2026-43365 is AV:N/AC:L/PR:N/UI:N, which is what produces the 8.2 score. The kernel description, however, points at an on-disk condition rather than a network protocol: when the XFS superblock lists no log stripe unit, the kernel set the incore log roundoff value (l_iclog_roundoff) to 512 bytes even on a log with 4096-byte sectors. Log I/O is then rounded to 512 bytes instead of to a full sector, and the description shows the result at mount time: a "Torn write (CRC failure)" during log recovery, "failed to locate log tail", and a mount that fails with error -74.

In practice the trigger is a filesystem image whose superblock has this shape. The description notes that a broken mkfs in xfsprogs for-next was generating such filesystems, and that anyone can fuzz the on-disk superblock to produce one deliberately. Exposure therefore comes from mounting untrusted or corrupted XFS images (removable media, container or VM images, shared block storage) on an unpatched kernel, not from unauthenticated network traffic. No privileges beyond getting the image mounted are involved.

The impact is availability: the log becomes corrupt and the filesystem unmountable, matching the A:H component of the score; the I:L component reflects the corrupted log. There is no confidentiality impact, and no public exploit is known at the time of writing.

CVSS v3.1 Vector Breakdown

Exploitability
  Attack Vector: Network
  Attack Complexity: Low
  Privileges Required: None
  User Interaction: None
  Scope: Unchanged
Impact
  Confidentiality: None
  Integrity: Low
  Availability: High

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H

Affected Vendors & Products

Mentioned vendors (from description):
Linux
CPE data not yet available in NVD for this CVE.

Exploit & PoC Resources

No known exploit: no public exploit confirmed at this time. Always verify any external resource in a controlled environment before use.


Quick Facts

CVE ID: CVE-2026-43365
CVSS Score: 8.2 / 10
Severity: HIGH
CISA KEV: No
EPSS (30d): 0.05%
Published: May 8, 2026

Recommended Actions

  • Apply the kernel update carrying the fix "xfs: fix undersized l_iclog_roundoff values". The description says the faulty logic predates commit a6a65fef5ef8d0 and that older branches will need a different backport, so confirm that your distribution's kernel actually includes the fix rather than assuming a version cutoff.
  • Treat the filesystem image as the attack surface: do not mount untrusted or unverified XFS images on unpatched hosts, and review automount behaviour for removable media, container images and VM disks.
  • Audit existing filesystems with xfs_info. A log section reporting sectsz=4096 with sunit=0 is the geometry the description identifies as triggering the bug, and the description notes that mkfs from xfsprogs for-next was producing such filesystems, so check which xfsprogs created them.
  • Monitor CVE-2026-43365 in threat intel feeds, and watch kernel logs at mount time for "Torn write (CRC failure) detected" followed by "failed to locate log tail" and "log mount failed", the symptoms shown in the description.
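The xfs_info audit above can be scripted. The following Python is an added example, not code from the kernel, xfsprogs or this page: it parses xfs_info output by section, reads the log section's sectsz and sunit, and reports the roundoff an unpatched kernel would derive (the stripe unit when one is listed, otherwise 512, as the description states) next to the sector-sized value the description says to expect. Treating max(roundoff, sectsz) as the corrected value, the constructed xfs_info samples and the check_mountpoint helper (which just shells out to xfs_info) are this example's assumptions.

```python
"""Added example: audit XFS log geometry for the CVE-2026-43365 condition
(log sectsz larger than the 512-byte roundoff fallback used when the superblock
lists no log stripe unit). Not kernel or xfsprogs code."""
from __future__ import annotations

import re
import subprocess
from dataclasses import dataclass

BBSIZE = 512  # the 512-byte value the description says the kernel fell back to


@dataclass(frozen=True)
class LogGeometry:
    """Log-section fields as printed by xfs_info; sunit is in filesystem blocks."""
    bsize: int
    sectsz: int
    sunit: int

    @property
    def sunit_bytes(self) -> int:
        return self.sunit * self.bsize


# A named row such as "log      =internal log ..." opens a section; a row whose
# stripped form starts with "=" continues the most recent section.
_SECTION_RE = re.compile(r"^([a-z][a-z-]*)\s*=")
_KV_RE = re.compile(r"([a-z][a-z0-9_-]*)=(\d+)")


def parse_sections(text: str) -> dict[str, dict[str, int]]:
    """Group xfs_info's numeric key=value pairs by section (meta-data, data, log, ...)."""
    sections: dict[str, dict[str, int]] = {}
    current = None
    for raw in text.splitlines():
        line = raw.strip()
        m = _SECTION_RE.match(line)
        if m:
            current = m.group(1)
            sections.setdefault(current, {})
        elif not line.startswith("=") or current is None:
            continue  # blank line or something that is not an xfs_info row
        for key, val in _KV_RE.findall(line):
            sections[current][key] = int(val)
    return sections


def log_geometry(text: str) -> LogGeometry:
    """Return the log section's geometry, failing loudly if the output is incomplete."""
    log = parse_sections(text).get("log", {})
    missing = [k for k in ("bsize", "sectsz", "sunit") if k not in log]
    if missing:
        raise ValueError(f"xfs_info log section lacks {missing}")
    return LogGeometry(bsize=log["bsize"], sectsz=log["sectsz"], sunit=log["sunit"])


def roundoff_unpatched(geom: LogGeometry) -> int:
    """Roundoff as the description says the unpatched kernel derived it:
    the log stripe unit when the superblock lists one, otherwise 512."""
    return geom.sunit_bytes if geom.sunit > 0 else BBSIZE


def roundoff_expected(geom: LogGeometry) -> int:
    """Assumed corrected value: never round log writes off to less than one log sector.
    This models "4096 as you'd expect" from the description, not the kernel's exact fix."""
    return max(roundoff_unpatched(geom), geom.sectsz)


def is_affected(geom: LogGeometry) -> bool:
    """True when an unpatched kernel would use a roundoff smaller than a log sector."""
    return roundoff_unpatched(geom) < geom.sectsz


def check_mountpoint(path: str) -> LogGeometry:
    """Run xfs_info (from xfsprogs) on a mounted filesystem and parse its output."""
    proc = subprocess.run(["xfs_info", path], check=True, capture_output=True, text=True)
    return log_geometry(proc.stdout)


def report(label: str, text: str) -> str:
    """One-line verdict for an xfs_info capture."""
    g = log_geometry(text)
    verdict = "AFFECTED on unpatched kernels" if is_affected(g) else "not affected"
    return (f"{label}: log sectsz={g.sectsz} sunit={g.sunit} blks -> unpatched "
            f"roundoff={roundoff_unpatched(g)}, expected={roundoff_expected(g)}: {verdict}")


# Constructed samples in xfs_info's layout. The first mirrors the description's
# filesystem: 4k log sectors with no log stripe unit.
SAMPLE_AFFECTED = """\
meta-data=/dev/sda1              isize=512    agcount=4, agsize=644992 blks
         =                       sectsz=4096  attr=2, projid32bit=1
data     =                       bsize=4096   blocks=2579968, imaxpct=25
         =                       sunit=0      swidth=0 blks
naming   =version 2              bsize=4096   ascii-ci=0, ftype=1, parent=1
log      =internal log           bsize=4096   blocks=16384, version=2
         =                       sectsz=4096  sunit=0 blks, lazy-count=1
realtime =none                   extsz=4096   blocks=0, rtextents=0
"""
# Constructed: 512-byte log sectors, so the 512 fallback already equals one sector.
SAMPLE_512_SECTORS = SAMPLE_AFFECTED.replace("sectsz=4096  sunit=0 blks", "sectsz=512   sunit=0 blks")
# Constructed: a log stripe unit of 8 blocks (32 KiB) is listed, so it is used instead of 512.
SAMPLE_WITH_SUNIT = SAMPLE_AFFECTED.replace("sectsz=4096  sunit=0 blks", "sectsz=4096  sunit=8 blks")

if __name__ == "__main__":
    for label, sample in [("description fs", SAMPLE_AFFECTED),
                          ("512-byte sectors", SAMPLE_512_SECTORS),
                          ("stripe unit set", SAMPLE_WITH_SUNIT)]:
        print(report(label, sample))
```

On a live host, call check_mountpoint("/mnt/xfs") (or any mounted XFS path) and pass the result to is_affected; the sample-based run works offline. The parser keys on sections because sunit appears in both the data and log sections and only the log section's value matters here.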
Data sourced from NVD (NIST), CISA KEV, and EPSS (FIRST). Analysis generated by CTIWATCH.COM. CVE data is provided under the NVD usage policy.