Linux kernel hfsplus: special inode treated as regular file (CVE-2026-43268)
CVE-2026-43268 Published on May 6, 2026
hfsplus: pretend special inodes as regular files
In the Linux kernel, the following vulnerability has been resolved:
hfsplus: pretend special inodes as regular files
Since commit af153bb63a33 ("vfs: catch invalid modes in may_open()")
requires any inode be one of S_IFDIR/S_IFLNK/S_IFREG/S_IFCHR/S_IFBLK/
S_IFIFO/S_IFSOCK type, use S_IFREG for special inodes.
Products Associated with CVE-2026-43268
Want to know whenever a new CVE is published for Linux Kernel? stack.watch will email you.
Affected Versions
Linux:- Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 and below dcac5582f90b55a267d89769073c5651990b2ec5 is affected.
- Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 and below 799c492a619a10322543d13e6d2a6d27335c868c is affected.
- Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 and below 676bc99d0b3e356cdfec5d8204518e1aac14ec84 is affected.
- Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 and below de9affb698d5034888314880736925c39d6d048e is affected.
- Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 and below d209ebaee93fc5089101d34d1b38a91d7abb03fd is affected.
- Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 and below 67407d6abc9520a8a4661285b3ed294eb73ff6e7 is affected.
- Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 and below 9353d4ee26dc33f6ada1646e84660f4c59189763 is affected.
- Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 and below ed8889ca21b6ab37bc1435c4009ce37a79acb9e6 is affected.
- Version 2.6.12 is affected.
- Before 2.6.12 is unaffected.
- Version 5.10.252, <= 5.10.* is unaffected.
- Version 5.15.202, <= 5.15.* is unaffected.
- Version 6.1.165, <= 6.1.* is unaffected.
- Version 6.6.128, <= 6.6.* is unaffected.
- Version 6.12.75, <= 6.12.* is unaffected.
- Version 6.18.16, <= 6.18.* is unaffected.
- Version 6.19.6, <= 6.19.* is unaffected.
- Version 7.0, <= * is unaffected.