{
  "threat_severity" : "Important",
  "public_date" : "2026-05-06T00:00:00Z",
  "bugzilla" : {
    "description" : "kernel: xfs: fix freemap adjustments when adding xattrs to leaf blocks",
    "id" : "2467210",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2467210"
  },
  "cvss3" : {
    "cvss3_base_score" : "7.0",
    "cvss3_scoring_vector" : "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
    "status" : "draft"
  },
  "cwe" : "CWE-131",
  "details" : [ "A flaw was found in the Linux kernel's XFS filesystem. When adding extended attributes (xattrs), which are metadata associated with files, to leaf blocks, incorrect adjustments to the freemap can occur. This inconsistency allows the entries array and free space to overlap, leading to an assertion failure. A local user can exploit this to cause the filesystem to shut down, resulting in a Denial of Service (DoS)." ],
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 10",
    "fix_state" : "Affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:10"
  }, {
    "product_name" : "Red Hat Enterprise Linux 6",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Affected",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "fix_state" : "Affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "fix_state" : "Affected",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "fix_state" : "Affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "fix_state" : "Affected",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2026-43158\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-43158\nhttps://lore.kernel.org/linux-cve-announce/2026050631-CVE-2026-43158-cc20@gregkh/T" ],
  "name" : "CVE-2026-43158",
  "csaw" : false
}