U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Vulnerability Database

National Vulnerability Database

NVD

National Vulnerability Database
  1. Vulnerabilities

CVE-2026-43168 Detail

Description

In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix reflink preserve cleanup issue commit c06c303832ec ("ocfs2: fix xattr array entry __counted_by error") doesn't handle all cases and the cleanup job for preserved xattr entries still has bug: - the 'last' pointer should be shifted by one unit after cleanup an array entry. - current code logic doesn't cleanup the first entry when xh_count is 1. Note, commit c06c303832ec is also a bug fix for 0fe9b66c65f3.


Metrics

NVD enrichment efforts reference publicly available information to associate vector strings. CVSS information contributed by other sources is also displayed.
CVSS 4.0 Severity and Vector Strings:

NIST CVSS score
NIST: NVD
N/A
NVD assessment not yet provided.

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to [email protected].

URL Source(s) Tag(s)
https://git.kernel.org/stable/c/02acc9f72365e50eb45a56b7dacb9114ca3b503c kernel.org Patch 
https://git.kernel.org/stable/c/2f4daccd9d9b8b2952df7878df8c2e8ba6439398 kernel.org Patch 
https://git.kernel.org/stable/c/3bdc3766aafb052aef4baadef455a84c1c0a059d kernel.org Patch 
https://git.kernel.org/stable/c/5138c936c2c82c9be8883921854bc6f7e1177d8c kernel.org Patch 
https://git.kernel.org/stable/c/8ff329353134280b203cb2bce95311cb8f7cbd8a kernel.org Patch 
https://git.kernel.org/stable/c/b2952dbeac2c3c527cb0519d5ffaeb95b062466a kernel.org Patch 
https://git.kernel.org/stable/c/bb273b68c1719c2925e05557f7e7099edb066680 kernel.org Patch 
https://git.kernel.org/stable/c/c44d86ca949cb1e5566ad14510cc26fa1a17e2d8 kernel.org Patch 

Weakness Enumeration

CWE-ID CWE Name Source
NVD-CWE-noinfo Insufficient Information cwe source acceptance level NIST  

Known Affected Software Configurations Switch to CPE 2.2

CPEs loading, please wait.

Denotes Vulnerable Software
Are we missing a CPE here? Please let us know.

Change History

2 change records found show changes

Quick Info

CVE Dictionary Entry:
CVE-2026-43168
NVD Published Date:
05/06/2026
NVD Last Modified:
05/13/2026
Source:
kernel.org