Medium severity 5.5 · NVD Advisory · Published May 6, 2026 · Updated May 8, 2026

CVE-2026-43268

Description

In the Linux kernel, the following vulnerability has been resolved:

hfsplus: pretend special inodes as regular files

Since commit af153bb63a33 ("vfs: catch invalid modes in may_open()") requires any inode be one of S_IFDIR/S_IFLNK/S_IFREG/S_IFCHR/S_IFBLK/S_IFIFO/S_IFSOCK type, use S_IFREG for special inodes.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

In the Linux kernel HFS+ filesystem, special inodes were incorrectly typed, causing may_open() to reject file operations; the fix marks them as regular files.

Root Cause

In the HFS+ filesystem implementation in the Linux kernel, certain special inodes (e.g., those representing metadata or attributes) were not assigned a valid file type such as S_IFREG, S_IFDIR, or S_IFLNK. Since commit af153bb63a33 ("vfs: catch invalid modes in may_open()"), the kernel enforces that every inode passed to may_open() must have a recognized mode. Attempting to open these special inodes triggered a failure because their mode was not one of the allowed types [1][2][3][4].

Exploitation

An attacker with local access to a system using the HFS+ filesystem could trigger this vulnerability by opening a special inode (e.g., via standard file operations on metadata files or by mounting a crafted HFS+ image). No special privileges beyond the ability to interact with the filesystem are required; the bug manifests as a denial of service (e.g., failure to open files, system call errors) or potentially a system crash if the unexpected mode is not handled gracefully [1][3].

Impact

The primary impact is denial of service. Because may_open() rejects the inode, any attempt to open, read, or write the affected special inode returns an error, making the filesystem partially unavailable. In some configurations, this could lead to a system hang or panic if the VFS layer encounters the invalid mode. The CVSS v3 score of 5.5 (Medium) reflects this availability impact with a local attack vector and low complexity [1][2][4].

Mitigation

The fix introduced in kernel commits replaces the invalid modes of such special inodes with S_IFREG, ensuring they pass the may_open() check. The patch has been backported to stable kernel branches and is included in updates. Users should apply the latest kernel updates from their distribution. No workaround exists other than avoiding the use of HFS+ filesystems or not mounting untrusted HFS+ images until the patched kernel is deployed [1][2][3][4].
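
The type check and the fix described in the root cause and mitigation paragraphs above can be modelled in user space. This is an added example, not kernel source and not code from this advisory; the function names and sample modes are constructed for illustration, and a typeless mode such as `0600` is an assumption about what a special inode looked like before the fix.

```c
#define _DEFAULT_SOURCE 1   /* expose S_IFMT and friends under strict -std modes */
#include <stdbool.h>
#include <stdio.h>
#include <sys/stat.h>

/* Model of the requirement: the type bits (mode & S_IFMT) must name one of
 * the seven file types listed in the commit message. */
static bool mode_has_valid_type(mode_t mode)
{
    switch (mode & S_IFMT) {
    case S_IFDIR:
    case S_IFLNK:
    case S_IFREG:
    case S_IFCHR:
    case S_IFBLK:
    case S_IFIFO:
    case S_IFSOCK:
        return true;
    default:
        return false;   /* no type bits, or an undefined combination */
    }
}

/* Hypothetical helper modelling the fix: an inode without a valid type is
 * presented as a regular file; its permission bits are left unchanged. */
static mode_t special_inode_mode_fixed(mode_t mode)
{
    if (mode_has_valid_type(mode))
        return mode;
    return (mode & ~(mode_t)S_IFMT) | S_IFREG;
}

int main(void)
{
    /* Constructed sample modes, not read from a real HFS+ volume. */
    const mode_t samples[] = { 0, 0600, 0130000, S_IFREG | 0644, S_IFDIR | 0755 };

    for (size_t i = 0; i < sizeof(samples) / sizeof(samples[0]); i++) {
        mode_t fixed = special_inode_mode_fixed(samples[i]);
        printf("mode %07o: valid=%d  after fix %07o: valid=%d\n",
               (unsigned)samples[i], mode_has_valid_type(samples[i]),
               (unsigned)fixed, mode_has_valid_type(fixed));
    }
    return 0;
}
```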

AI Insight generated on May 18, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

  • Linux/Kernel: 7 versions
    • cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (range: >=2.6.12.1,<5.10.252)
    • cpe:2.3:o:linux:linux_kernel:2.6.12:-:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:2.6.12:rc2:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:2.6.12:rc3:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:2.6.12:rc4:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:2.6.12:rc5:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:2.6.12:rc6:*:*:*:*:*:*
