CVE-2026-43359

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description An issue exists in the btrfs component where the 'set received' ioctl can trigger a transaction abort due to an item overflow when adding the BTRFS UUID KEY RECEIVED SUBVOL. A user who owns a subvolume can trigger this overflow by calling the ioctl with the same received UUID field for numerous subvolumes, causing the filesystem to enter read-only (RO) mode. This process does not require administrative privileges (CAP SYS ADMIN).

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.