CVE-2026-43474

UNKNOWN 0.0

fs: init flags_valid before calling vfs_fileattr_get

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

In the Linux kernel, the following vulnerability has been resolved: fs: init flags_valid before calling vfs_fileattr_get syzbot reported a uninit-value bug in [1]. Similar to the "*get" context where the kernel's internal file_kattr structure is initialized before calling vfs_fileattr_get(), we should use the same mechanism when using fa. [1] BUG: KMSAN: uninit-value in fuse_fileattr_get+0xeb4/0x1450 fs/fuse/ioctl.c:517 fuse_fileattr_get+0xeb4/0x1450 fs/fuse/ioctl.c:517 vfs_fileattr_get fs/file_attr.c:94 [inline] __do_sys_file_getattr fs/file_attr.c:416 [inline] Local variable fa.i created at: __do_sys_file_getattr fs/file_attr.c:380 [inline] __se_sys_file_getattr+0x8c/0xbd0 fs/file_attr.c:372

Vendor	linux
Product	linux
Ecosystems	Linux Kernel
Industries	Technology
Published	May 8, 2026

Stay Ahead of the Next One

Get instant alerts for linux linux

Be the first to know when new unknown vulnerabilities affecting linux linux are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Linux / Linux

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 379e19e820dd1c6145426b97467728b3b89c0b42 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < b8c182b2c8c44c6016b11d8af61715ad7ef958a1 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < cb184dd19154fc486fa3d9e02afe70a97e54e055

Linux / Linux

All versions affected

References

NVD ↗ CVE.org ↗ EPSS Data ↗

git.kernel.org: https://git.kernel.org/stable/c/379e19e820dd1c6145426b97467728b3b89c0b42 git.kernel.org: https://git.kernel.org/stable/c/b8c182b2c8c44c6016b11d8af61715ad7ef958a1 git.kernel.org: https://git.kernel.org/stable/c/cb184dd19154fc486fa3d9e02afe70a97e54e055