CVE-2026-43268 · threatengine.sh

Home/CVE/In the Linux kernel, the following vulnerability has been resolved: hfsplus: pretend special inodes as regular files S

CVE

CVE-2026-43268

In the Linux kernel, the following vulnerability has been resolved: hfsplus: pretend special inodes as regular files S

In the Linux kernel, the following vulnerability has been resolved: hfsplus: pretend special inodes as regular files Since commit af153bb63a33 ("vfs: catch invalid modes in may_open()") requires any inode be one of S_IFDIR/S_IFLNK/S_IFREG/S_IFCHR/S_IFBLK/ S_IFIFO/S_IFSOCK type, use S_IFREG for special inodes.

MEDIUM · CVSS 5.5 EPSS 0.00013

Monitor

No active-exploitation, high-EPSS, or public-exploit signals - routine patching cadence

Sigma rules0 YARA rules0

▤

Affected Products & Versions

8

linux kernel>= 2.6.12.1 and < 5.10.252
linux kernel>= 5.11 and < 5.15.202
linux kernel>= 5.16 and < 6.1.165
linux kernel>= 6.2 and < 6.6.128
linux kernel>= 6.7 and < 6.12.75
linux kernel>= 6.13 and < 6.18.16
linux kernel>= 6.19 and < 6.19.6
linux kernelall versions

▣

Scoring & Timeline

5.5

MEDIUM · CVSS v3.1 · 416baaa9-dc9f-4396-8d5f-8c081fb06d67

View on NVD

Attack Vector

Network Adjacent Local Physical

Attack Complexity

Low High

Privileges Required

None Low High

User Interaction

None Required

Scope

Unchanged Changed

Confidentiality

None Low High

Integrity

None Low High

Availability

None Low High

Published to NVD06 May 2026 · 12:16 PM

CVSS VectorCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

🔗

References & Sources

8

Source URLs (vendor pages, mailing lists, write-ups). Exploit/PoC links are in their own section above to avoid duplication.

https://git.kernel.org/stable/c/67407d6abc9520a8a4661285b3ed294eb73ff6e7Patch

https://git.kernel.org/stable/c/676bc99d0b3e356cdfec5d8204518e1aac14ec84Patch

https://git.kernel.org/stable/c/799c492a619a10322543d13e6d2a6d27335c868cPatch

https://git.kernel.org/stable/c/9353d4ee26dc33f6ada1646e84660f4c59189763Patch

https://git.kernel.org/stable/c/d209ebaee93fc5089101d34d1b38a91d7abb03fdPatch

https://git.kernel.org/stable/c/dcac5582f90b55a267d89769073c5651990b2ec5Patch

Show all 8 references

https://git.kernel.org/stable/c/de9affb698d5034888314880736925c39d6d048ePatch

https://git.kernel.org/stable/c/ed8889ca21b6ab37bc1435c4009ce37a79acb9e6Patch

Intelligence Graph · click any node to traverse

CVETechnique ActorTool Family

drag to reposition · click any node to traverse · button top-right enlarges

External lookups - second-class, for what we don’t hold ourselves

NVD CVE.org CISA Vulners Exploit-DB GitHub PoC VulnCheck KEV GreyNoise

Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities

Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs

Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures

Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1

About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service

threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin