CVE-2026-43420

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description An issue exists in the Ceph component of the Linux kernel where an i nlink counter underrun can occur during an asynchronous unlink operation. In the ceph unlink() function, a request is submitted to the Metadata Server (MDS) via ceph mdsc submit request() without waiting for completion. A race condition occurs if a worker thread processes a reply or capability operation (such as CEPH CAP OP IMPORT or CEPH CAP OP GRANT) and calls set nlink() to update the i nlink counter to zero before the original ceph unlink() process calls drop nlink(). This results in an illegal decrement of a zero-value counter, triggering a system warning.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.