CVE-2026-43435 | rust_binder: fix oneway spam detection

In the Linux kernel, the following vulnerability has been resolved: rust_binder: fix oneway spam detection The spam detection logic in TreeRange was executed before the current request was inserted into the tree. So the new request was not being factored in the spam calculation. Fix this by moving the logic after the new range has been inserted. Also, the detection logic for ArrayRange was missing altogether which meant large spamming transactions could get away without being detected. Fix this by implementing an equivalent low_oneway_space() in ArrayRange. Note that I looked into centralizing this logic in RangeAllocator but iterating through 'state' and 'size' got a bit too complicated (for me) and I abandoned this effort.

Published: 2026-05-08 Last update: 2026-05-12 Assigner: 416baaa9-dc9f-4396-8d5f-8c081fb06d67 Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

NVD Status：Undergoing Analysis，CVE State: published

View at NVD, CVE.org, EUVD

Conclusion & alert: CVE-2026-43435 is rated Low Risk (4.1/100): low exploitation likelihood (EPSS 0.02%). Mandatory action: Low composite risk—no urgent action required; patch on your normal maintenance cycle and revisit priority if CVSS or EPSS increases.

Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.

Exploit prediction scoring system (EPSS) score for CVE-2026-43435

EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).

#	Date	Old EPSS score	New EPSS score	Delta (New - Old)
1	2026-05-09	—	0.02%	—

Full EPSS history (1 record total)

Common vulnerability scoring system (CVSS) metrics for CVE-2026-43435

CVSS metrics for this CVE.

No CVSS data in dataset for this CVE.

Weakness enumeration for CVE-2026-43435

GitHub Security Advisory for CVE-2026-43435

GHSA-267q-r86j-cvg7 · Severity: unknown — In the Linux kernel, the following vulnerability has been resolved: rust_binder: fix oneway spam...

OS Trackers for CVE-2026-43435

vendor	priority	summary	link
`debian`	unimportant	CVE-2026-43435 unimportant priority: Debian including 1 source packages (linux), 5 status rows across 5 suites (bookworm, bullseye, forky, sid, trixie): resolved 5.	https://security-tracker.debian.org/tracker/CVE-2026-43435
`redhat`	—	—	https://access.redhat.com/security/cve/CVE-2026-43435
`suse`	low	CVE-2026-43435 severity low: SUSE including 21 source package names (cluster-md-kmp-default, dlm-kmp-default, …), 198 product×package rows across 39 product lines (SUSE Linux Enterprise High Availability Extension 15 SP7, SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS, … (39 product lines)): Known Not Affected 198.	https://www.suse.com/security/cve/CVE-2026-43435/
`ubuntu`	medium	CVE-2026-43435 medium priority: Ubuntu including 161 source packages (linux, linux-allwinner-5.19, …), 1449 status rows across 9 suites (bionic, focal, jammy, noble, questing, resolute, trusty, upstream, xenial): DNE 1048, ignored 169, not-affected 144, released 87, needs-triage 1.	https://ubuntu.com/security/CVE-2026-43435

Affected software / configurations for CVE-2026-43435

Vendor	Product	Version	Raw CPE
No affected products in dataset.

References for CVE-2026-43435

URL	Tags
https://git.kernel.org/stable/c/4fc87c240b8f30e22b7ebaae29d57105589e1c0b
https://git.kernel.org/stable/c/8d34c993a9a156e657e43cb95186980745cc3597
https://git.kernel.org/stable/c/edf685946c4acbe57cb96f8d5f3c07e9a2e973c8

cvelogic Threat Intelligence