{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2026-43154","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2026-05-01T14:12:55.989Z","datePublished":"2026-05-06T11:27:35.116Z","dateUpdated":"2026-05-11T22:18:48.424Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2026-05-11T22:18:48.424Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nerofs: fix incorrect early exits in volume label handling\n\nCrafted EROFS images containing valid volume labels can trigger\nincorrect early returns, leading to folio reference leaks.\n\nHowever, this does not cause system crashes or other severe issues."}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["fs/erofs/super.c"],"versions":[{"version":"1cf12c7177410afcb53f815315d1247ea57fae4f","lessThan":"8d8a878ef60801d867119b3df6a93e2982d62a71","status":"affected","versionType":"git"},{"version":"1cf12c7177410afcb53f815315d1247ea57fae4f","lessThan":"d498bd168494ad4a4bce16192bfb9ce04ca19c9a","status":"affected","versionType":"git"},{"version":"1cf12c7177410afcb53f815315d1247ea57fae4f","lessThan":"3afa4da38802a4cba1c23848a32284e7e57b831b","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["fs/erofs/super.c"],"versions":[{"version":"6.18","status":"affected"},{"version":"0","lessThan":"6.18","status":"unaffected","versionType":"semver"},{"version":"6.18.16","lessThanOrEqual":"6.18.*","status":"unaffected","versionType":"semver"},{"version":"6.19.6","lessThanOrEqual":"6.19.*","status":"unaffected","versionType":"semver"},{"version":"7.0","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.18","versionEndExcluding":"6.18.16"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.18","versionEndExcluding":"6.19.6"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.18","versionEndExcluding":"7.0"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/8d8a878ef60801d867119b3df6a93e2982d62a71"},{"url":"https://git.kernel.org/stable/c/d498bd168494ad4a4bce16192bfb9ce04ca19c9a"},{"url":"https://git.kernel.org/stable/c/3afa4da38802a4cba1c23848a32284e7e57b831b"}],"title":"erofs: fix incorrect early exits in volume label handling","x_generator":{"engine":"bippy-1.2.0"}}}}