CVE-2026-43470

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description An issue exists in the NFS implementation where the system fails to return an error when a directory alias is found through nfs3 do create, nfs add or obtain, or d splice alias. In such cases, the original dentry remains negative, subsequently leading to a system oops during nfs atomic open v23 or finish open because a negative dentry is supplied to do dentry open. This behavior has been observed during concurrent creation and removal of directories and files with the same name when O EXCL is not used to open files. The fix involves using d is dir() to ensure file operations are not performed on a directory inode.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.