CVE-2026-43364

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A NULL pointer dereference exists in the ublk ctrl set size() function. The issue occurs because the function calls set capacity and notify() using ub->ub disk without verifying if the pointer is NULL. This pointer is NULL before the UBLK CMD START DEV command completes or after UBLK CMD STOP DEV has executed. Because the UBLK CMD UPDATE SIZE handler lacks state validation, a user can trigger this crash by sending an UPDATE SIZE command to a device that is either stopped or has been added but not yet started.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.