PatchSiren

CVE-2026-43245 Linux CVE debrief

CVE-2026-43245 is a Linux kernel NTFS vulnerability: the d_compare() callback must not block, but the affected code used an allocation path that can. The published fix replaces that allocation with kmalloc(PATH_MAX, GFP_NOWAIT) and stops relying on names_cachep for uses that are not actually pathname handling. NVD rates the issue CVSS 7.5 HIGH with an availability impact.

Vendor: Linux
Product: CVE-2026-43245
CVSS: HIGH 7.5
CISA KEV: Not listed in stored evidence
Original CVE published: 2026-05-06
Original CVE updated: 2026-05-11
Advisory published: 2026-05-06
Advisory updated: 2026-05-11

Who should care

Linux administrators, distribution maintainers, and operators running affected kernel branches should care most, especially on systems that mount or otherwise rely on NTFS support. NVD lists two affected version ranges: from 6.2 up to, but not including, 6.18.16, and from 6.19 up to, but not including, 6.19.6.

Technical summary

According to the CVE description, the NTFS filesystem code used __getname() inside d_compare(), even though that callback must not block. The fix changes both d_compare() and ntfs_d_hash() to use kmalloc(PATH_MAX, GFP_NOWAIT) and removes misuse of names_cachep for non-pathname allocations. NVD’s affected-version criteria mark Linux kernel versions starting at 6.2 and 6.19 as vulnerable until the fixed releases noted above.

Defensive priority

High. This is kernel-level filesystem code with a reported availability impact, so patched kernels should be prioritized on systems that use NTFS support.

Recommended defensive actions

  • Apply the fixed Linux kernel updates from your distribution or vendor backport that include the NTFS d_compare() non-blocking fix.
  • Verify whether your systems mount or process NTFS filesystems, and prioritize those hosts for remediation.
  • Track distro security advisories for backported fixes if you do not run mainline kernel releases.
  • Confirm that your deployed kernel version is outside the vulnerable ranges listed by NVD: from 6.2 up to, but not including, 6.18.16, and from 6.19 up to, but not including, 6.19.6.
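
The last two checks in this list can be scripted. The following is an added example, not code from the CVE record or the kernel project: the function names are hypothetical, and it assumes the in-kernel NTFS driver appears in the mounts table with filesystem type "ntfs" or "ntfs3". Distribution kernels often backport fixes without changing the upstream version number, so an in-range result is a prompt to check the vendor advisory, not proof of exposure.

```shell
#!/bin/sh
# Added example: triage one host against the NVD ranges quoted on this page.
# Vulnerable ranges: 6.2 <= v < 6.18.16, and 6.19 <= v < 6.19.6.
# Usage: . ./triage.sh && triage "$(uname -r)"

# Convert a release string such as "6.8.0-45-generic" to a comparable integer
# (major*1000000 + minor*1000 + patch). The body runs in a subshell so the
# IFS change does not leak into the caller.
ver_num() (
    v=${1%%[!0-9.]*}        # keep only the leading digits-and-dots part
    IFS=.
    set -- $v
    echo $(( ${1:-0} * 1000000 + ${2:-0} * 1000 + ${3:-0} ))
)

# Exit status 0 if the release falls inside either NVD range.
in_vulnerable_range() {
    n=$(ver_num "$1")
    { [ "$n" -ge 6002000 ] && [ "$n" -lt 6018016 ]; } ||
    { [ "$n" -ge 6019000 ] && [ "$n" -lt 6019006 ]; }
}

# Print mount points served by the kernel NTFS driver, read from a mounts
# table (default /proc/mounts). Assumption: fstype is "ntfs" or "ntfs3".
# FUSE-based ntfs-3g mounts show up as "fuseblk" and are not matched.
ntfs_mounts() {
    awk '$3 == "ntfs" || $3 == "ntfs3" { print $2 }' "${1:-/proc/mounts}"
}

# triage <kernel-release> [mounts-file]
# Returns 0 = outside ranges, 1 = in range but no NTFS mounted,
#         2 = in range with NTFS mounted (patch first).
triage() {
    if ! in_vulnerable_range "$1"; then
        echo "OK: $1 is outside the NVD ranges"
        return 0
    fi
    m=$(ntfs_mounts "$2")
    if [ -n "$m" ]; then
        echo "PRIORITY: $1 is in range and NTFS is mounted at:" $m
        return 2
    fi
    echo "REVIEW: $1 is in range, no NTFS mounts now; check distro backports"
    return 1
}
```

A host reported as REVIEW can still become exposed later if an NTFS volume is attached, so it belongs on the patch list at lower priority.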

Evidence notes

The CVE was published on 2026-05-06 and modified on 2026-05-11. The NVD record marks the vulnerability as analyzed and includes three stable-kernel patch references. No CISA KEV entry was provided in the supplied data. The source corpus does not include exploit details, so this debrief stays limited to the documented blocking/non-blocking kernel callback issue and the published fix.

Official resources

Publicly disclosed in the CVE record on 2026-05-06; the NVD entry was last modified on 2026-05-11. No KEV listing was provided in the supplied enrichment data.