AI Sec Watch: A Security Intelligence Platform for AI Systems

Luu, T.J.

CVE-2026-43193: In the Linux kernel, the following vulnerability has been resolved: nfsd: fix nfs4_file refcount leak in nfsd_get_dir_d

infovulnerability

security

Source: NVD/CVE DatabaseMay 6, 2026CVE-2026-43193

Summary

A bug in the Linux kernel's nfsd (NFS server daemon) function nfsd_get_dir_deleg() causes a memory leak where a reference to an nfs4_file object (a data structure tracking NFS file information) is not properly released before the function exits. This leak can consume memory over time and potentially impact system stability.

Solution / Mitigation

Ensure that the reference to "fp" is released before returning from the nfsd_get_dir_deleg() function. The fix is available in kernel commits 0d8362e15aad5b5c1d6a65bb23ac6c45ccf881f3 and 789477b849394afdb60507924d65f7ef18f078ce on kernel.org.

Vulnerability Details

EPSS (30-day exploit probability)

EPSS: 0.0%

Disclosure Date

May 6, 2026

Classification

Attack SophisticationModerate

Monthly digest — independent AI security research

Original source: https://nvd.nist.gov/vuln/detail/CVE-2026-43193

First tracked: May 6, 2026 at 02:07 PM

Classified by LLM (prompt v3) · confidence: 95%