PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-43390 Linux CVE debrief

A vulnerability in the Linux kernel's nstree (namespace tree) subsystem allowed privileged services to enumerate namespaces belonging to other privileged services, potentially enabling cross-service information leakage. The issue stemmed from insufficient permission checks when listing namespaces. The fix introduces the `may_see_all_namespaces()` helper to centralize and tighten access policy enforcement. This is a local privilege boundary issue affecting Linux kernel versions 6.19 through 6.19.8 and 7.0 release candidates rc1 and rc2. The vulnerability was published on 2026-05-08 and last modified on 2026-05-26. No known exploitation in the wild has been reported, and this vulnerability is not listed in CISA's Known Exploited Vulnerabilities catalog.

Vendor
Linux
Product
Unknown
CVSS
MEDIUM 5.5
CISA KEV
Not listed in stored evidence
Original CVE published
2026-05-08
Original CVE updated
2026-05-26
Advisory published
2026-05-08
Advisory updated
2026-05-26

Who should care

System administrators running Linux kernel 6.19.x or 7.0-rc versions, particularly those operating containerized environments, multi-tenant systems, or deployments with multiple privileged services requiring strict isolation boundaries. Security teams responsible for kernel security posture and vulnerability management programs.

Technical summary

The Linux kernel's nstree subsystem, which manages namespace hierarchies, previously allowed privileged services to list namespaces without adequate permission validation. This could enable one privileged service to discover, and potentially leak information about, another privileged service's namespace configuration. The vulnerability is addressed by implementing the `may_see_all_namespaces()` helper function, which centralizes policy decisions regarding namespace visibility. The fix ensures that even processes with elevated privileges cannot arbitrarily enumerate namespaces belonging to other privileged contexts. The CVSS 3.1 base score of 5.5 (MEDIUM) reflects a local attack vector and a high availability impact; note that the base vector rates confidentiality and integrity impact as none, even though the description concerns information leakage, so the narrative and the vector do not fully agree.

Defensive priority

medium

Recommended defensive actions

  • Apply kernel patches from the stable Linux kernel tree to systems running affected versions (6.19.x through 6.19.8, 7.0-rc1, 7.0-rc2)
  • Monitor for namespace enumeration attempts by privileged processes as potential indicators of probing activity
  • Review container and service isolation configurations to ensure defense in depth against potential namespace information leakage
  • Validate that container runtimes and orchestration platforms incorporate patched kernel versions in their base images
  • Consider namespace visibility restrictions as part of threat modeling for multi-tenant or highly privileged service deployments
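As an added triage helper (not part of the PatchSiren advisory or the kernel fix), the POSIX shell function below classifies a `uname -r` release string against the affected versions listed in this debrief; the function name `kernel_status` and the sample release strings are constructed for illustration.

```shell
#!/bin/sh
# Added triage helper, not part of the PatchSiren advisory: classify a kernel
# release string (the output of `uname -r`) against the versions this debrief
# lists as affected by CVE-2026-43390: 6.19 through 6.19.8, and 7.0-rc1/rc2.
# A version match is a hint, not proof: distributions backport fixes without
# changing the upstream version, so confirm against your vendor's advisory.

# Echoes "affected", "not-affected" or "unknown" for the release string in $1.
kernel_status() {
    rel=$1
    # Keep only the leading "MAJOR.MINOR[.PATCH][-rcN]"; drop distro suffixes
    # such as "-arch1-1" or "-200.fc43.x86_64".
    core=$(printf '%s\n' "$rel" |
        sed 's/^\([0-9][0-9.]*\(-rc[0-9][0-9]*\)\{0,1\}\).*/\1/')
    rc=""
    case $core in
        *-rc*) rc=${core##*-rc}; core=${core%%-rc*} ;;
    esac
    case $core in
        ''|*[!0-9.]*) echo unknown; return ;;   # not a version string we can parse
    esac
    # Split on dots. Mainline rc kernels report "7.0.0-rc2" while the first
    # stable release may report just "6.19", so a missing PATCH counts as 0.
    oldifs=$IFS; IFS=.; set -- $core; IFS=$oldifs
    major=${1:-0}; minor=${2:-0}; patch=${3:-0}
    status=not-affected
    if [ -z "$rc" ] && [ "$major" -eq 6 ] && [ "$minor" -eq 19 ] && [ "$patch" -le 8 ]; then
        status=affected          # 6.19.0 .. 6.19.8 stable releases
    elif [ "$major" -eq 7 ] && [ "$minor" -eq 0 ] && [ "$patch" -eq 0 ] &&
         { [ "$rc" = 1 ] || [ "$rc" = 2 ]; }; then
        status=affected          # 7.0-rc1 and 7.0-rc2 only
    fi
    echo "$status"
}

# Report on the running host.
running=$(uname -r)
printf '%s: %s\n' "$running" "$(kernel_status "$running")"
```

Feed it a list of `uname -r` strings gathered from a fleet to get a first-pass patch queue, then verify each "affected" host against the distribution's own fix status.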

Evidence notes

The vulnerability description and affected versions are derived from the official NVD record and kernel.org patch references. The CVSS 3.1 vector AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H indicates local attack vector with low attack complexity, low privileges required, and high availability impact. The CPE criteria specify affected versions as Linux kernel 6.19 through 6.19.8 and 7.0-rc1/rc2.
