{
  "affected": [
    {
      "ranges": [
        {
          "events": [
            {
              "introduced": "a3a956c78efaa202b1d75190136671cf6e87bfbe"
            },
            {
              "fixed": "02ecc0978c459fd90bb24b2a946dd16d43e68fe5"
            },
            {
              "fixed": "1be7ca86ce1794d966fda5d82181bc978b150fbc"
            },
            {
              "fixed": "142c444a395f4d26055c8a4473e228bb86283f1e"
            },
            {
              "fixed": "fb4b1f969ba01fa1d4088467a02fc1e5f0806710"
            },
            {
              "fixed": "ca2a04e84af79596e5cd9cfe697d5122ec39c8ce"
            }
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "type": "GIT"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Linux",
        "name": "Kernel"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "6.2.0"
            },
            {
              "fixed": "6.6.141"
            }
          ],
          "type": "ECOSYSTEM"
        },
        {
          "events": [
            {
              "introduced": "6.7.0"
            },
            {
              "fixed": "6.12.91"
            }
          ],
          "type": "ECOSYSTEM"
        },
        {
          "events": [
            {
              "introduced": "6.13.0"
            },
            {
              "fixed": "6.18.16"
            }
          ],
          "type": "ECOSYSTEM"
        },
        {
          "events": [
            {
              "introduced": "6.19.0"
            },
            {
              "fixed": "6.19.6"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "database_specific": {
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/43xxx/CVE-2026-43245.json"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nntfs: -\u003ed_compare() must not block\n\n... so don't use __getname() there.  Switch it (and ntfs_d_hash(), while\nwe are at it) to kmalloc(PATH_MAX, GFP_NOWAIT).  Yes, ntfs_d_hash()\nalmost certainly can do with smaller allocations, but let ntfs folks\ndeal with that - keep the allocation size as-is for now.\n\nStop abusing names_cachep in ntfs, period - various uses of that thing\nin there have nothing to do with pathnames; just use k[mz]alloc() and\nbe done with that.  For now let's keep sizes as-in, but AFAICS none of\nthe users actually want PATH_MAX.",
  "id": "CVE-2026-43245",
  "modified": "2026-07-15T01:49:13.073393532Z",
  "published": "2026-05-06T11:28:37.602Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/02ecc0978c459fd90bb24b2a946dd16d43e68fe5"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/142c444a395f4d26055c8a4473e228bb86283f1e"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/1be7ca86ce1794d966fda5d82181bc978b150fbc"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/ca2a04e84af79596e5cd9cfe697d5122ec39c8ce"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/fb4b1f969ba01fa1d4088467a02fc1e5f0806710"
    },
    {
      "type": "ADVISORY",
      "url": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/43xxx/CVE-2026-43245.json"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-43245"
    },
    {
      "type": "PACKAGE",
      "url": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"
    }
  ],
  "schema_version": "1.8.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "ntfs: -\u003ed_compare() must not block"
}