CVE-2026-43361

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description An issue in the btrfs filesystem allows a user to trigger a transaction abort by repeatedly snapshotting a previously received subvolume. This occurs when a BTRFS UUID KEY RECEIVED SUBVOL item overflow is reached, which is the maximum item size that can be stored in a leaf. Because the snapshot, send, set received subvol, and subvol setflags functions only require inode owner or capable() rather than CAP SYS ADMIN, a malicious user can exploit this to force the filesystem into read-only mode, resulting in system disruption.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.