AI Sec Watch: A Security Intelligence Platform for AI Systems

Luu, T.J.

CVE-2026-43067: In the Linux kernel, the following vulnerability has been resolved: ext4: handle wraparound when searching for blocks f

infovulnerability

security

Source: NVD/CVE DatabaseMay 5, 2026CVE-2026-43067

Summary

A vulnerability in the Linux ext4 file system could allow certain blocks to be allocated beyond the 32-bit limit for indirect block-mapped files (a way of storing file data using intermediate blocks). This happens when the file system has both extent-mapped files (a more modern storage method) and indirect-block-mapped files, causing a wraparound (overflow) error when searching for available blocks.

Solution / Mitigation

Add a safety clamp in ext4_mb_scan_groups() to prevent allocating blocks beyond the 32-bit limit for indirect block-mapped files.

Vulnerability Details

EPSS (30-day exploit probability)

EPSS: 0.0%

Disclosure Date

May 5, 2026

Classification

Attack SophisticationModerate

Monthly digest — independent AI security research

Original source: https://nvd.nist.gov/vuln/detail/CVE-2026-43067

First tracked: May 5, 2026 at 02:09 PM

Classified by LLM (prompt v3) · confidence: 95%