CVE-2026-43348

🗓️ 08 May 2026 14:16:00Reported by ubuntu.comType

ubuntucve

ubuntucve🔗 ubuntu.com👁 3 Views

Fix vmemmap_shift overflow in MSHV_ADD_VTL0_MEMORY by clamping to MAX_FOLIO_ORDER and returning error

Reporter	Title	Published	Views	Family All 28
ATTACKERKB	CVE-2026-43348	8 May 202613:41	–	attackerkb
AstraLinux	Astra Linux - уязвимость в linux-5.10	20 May 202605:53	–	astralinux
Circl	CVE-2026-43348	8 May 202617:00	–	circl
CNNVD	Linux kernel 安全漏洞	8 May 202600:00	–	cnnvd
CVE	CVE-2026-43348	8 May 202613:41	–	cve
Cvelist	CVE-2026-43348 mshv_vtl: Fix vmemmap_shift exceeding MAX_FOLIO_ORDER	8 May 202613:41	–	cvelist
Debian CVE	CVE-2026-43348	8 May 202613:41	–	debiancve
EUVD	EUVD-2026-28632	8 May 202615:31	–	euvd
NVD	CVE-2026-43348	8 May 202614:16	–	nvd
OPENSUSE Linux	kernel-devel-7.0.7-1.1 on GA media (moderate)	17 May 202600:00	–	opensuse

OS	OS Version	Architecture	Package	Package Version	Filename
Ubuntu	26.04	any	linux	0	linux_0_any.deb
Ubuntu	26.04	any	linux-azure	0	linux-azure_0_any.deb
Ubuntu	26.04	any	linux-gcp	0	linux-gcp_0_any.deb
Ubuntu	26.04	any	linux-aws	0	linux-aws_0_any.deb
Ubuntu	26.04	any	linux-ibm	0	linux-ibm_0_any.deb
Ubuntu	26.04	any	linux-nvidia	0	linux-nvidia_0_any.deb
Ubuntu	26.04	any	linux-raspi	0	linux-raspi_0_any.deb
Ubuntu	26.04	any	linux-riscv	0	linux-riscv_0_any.deb
Ubuntu	26.04	any	linux-realtime	0	linux-realtime_0_any.deb
Ubuntu	26.04	any	linux-azure-fde	0	linux-azure-fde_0_any.deb

Source	Link
cve	www.cve.org/CVERecord
git	www.git.kernel.org/linus/404cd6bffe17e25e0f94ed2775ffdd6cd10ac3fd%20(7.1-rc1)
git	www.git.kernel.org/stable/c/404cd6bffe17e25e0f94ed2775ffdd6cd10ac3fd
git	www.git.kernel.org/stable/c/a142ca4b6481e71498712800b20e0c0fcf02843b

23 May 2026 09:49Current

5.8Medium risk

Vulners AI Score5.8

CVSS 3.15.5

EPSS0.001

linux kernel vmemmap shift clamp maximum folio order memremap pages error virtual translation layer memory