CVE-2026-43364

🗓️ 08 May 2026 15:16:00Reported by ubuntu.comType

CVE-2026-43364: Linux kernel ublk_ctrl_set_size may dereference ub_disk when NULL; fix adds mutex check and returns -ENODEV.

Reporter	Title	Published	Views	Family All 15
ATTACKERKB	CVE-2026-43364	8 May 202614:21	–	attackerkb
AstraLinux	Astra Linux - уязвимость в linux-5.10	20 May 202605:53	–	astralinux
CNNVD	Linux kernel 安全漏洞	8 May 202600:00	–	cnnvd
CVE	CVE-2026-43364	8 May 202614:21	–	cve
Cvelist	CVE-2026-43364 ublk: fix NULL pointer dereference in ublk_ctrl_set_size()	8 May 202614:21	–	cvelist
Debian CVE	CVE-2026-43364	8 May 202614:21	–	debiancve
EUVD	EUVD-2026-28670	8 May 202615:31	–	euvd
NVD	CVE-2026-43364	8 May 202615:16	–	nvd
OSV	BELL-CVE-2026-43364 CVE-2026-43364 does not affect BellSoft software	9 May 202606:09	–	osv
OSV	DEBIAN-CVE-2026-43364	8 May 202615:16	–	osv

OS	OS Version	Architecture	Package	Filename
Ubuntu	24.04	any	linux-hwe-6.17	linux-hwe-6.17_0_any.deb
Ubuntu	24.04	any	linux-aws-6.17	linux-aws-6.17_0_any.deb
Ubuntu	24.04	any	linux-azure-6.17	linux-azure-6.17_0_any.deb
Ubuntu	26.04	any	linux-azure-fde	linux-azure-fde_0_any.deb
Ubuntu	25.10	any	linux-azure-fde	linux-azure-fde_0_any.deb
Ubuntu	24.04	any	linux-azure-fde-6.17	linux-azure-fde-6.17_0_any.deb
Ubuntu	25.10	any	linux-gcp	linux-gcp_0_any.deb
Ubuntu	24.04	any	linux-gcp-6.17	linux-gcp-6.17_0_any.deb
Ubuntu	24.04	any	linux-oracle-6.17	linux-oracle-6.17_0_any.deb
Ubuntu	24.04	any	linux-oem-6.17	linux-oem-6.17_0_any.deb

Source	Link
cve	www.cve.org/CVERecord
git	www.git.kernel.org/linus/25966fc097691e5c925ad080f64a2f19c5fd940a%20(7.0-rc4)
git	www.git.kernel.org/stable/c/25966fc097691e5c925ad080f64a2f19c5fd940a
git	www.git.kernel.org/stable/c/c28d945bfa92e15147e93b73f95345b9bec979b0
git	www.git.kernel.org/stable/c/f13fe6794726755a43090cb680c4c58cea6aa5f1

23 May 2026 09:49Current

5.8Medium risk

Vulners AI Score5.8

CVSS 3.15.5

EPSS0.00121