10 matches found
SUSE CVE-2026-31453
In the Linux kernel, the following vulnerability has been resolved: xfs: avoid dereferencing log items after push callbacks After xfsaildpushitem calls ioppush, the log item may have been freed if the AIL lock was dropped during the push. Background inode reclaim or the dquot shrinker can free th...
SUSE CVE-2026-31454
In the Linux kernel, the following vulnerability has been resolved: xfs: save ailp before dropping the AIL lock in push callbacks In xfsinodeitempush and xfsqmdquotlogitempush, the AIL lock is dropped to perform buffer IO. Once the cluster buffer no longer protects the log item from reclaim, the...
EUVD-2026-24792
In the Linux kernel, the following vulnerability has been resolved: xfs: avoid dereferencing log items after push callbacks After xfsaildpushitem calls ioppush, the log item may have been freed if the AIL lock was dropped during the push. Background inode reclaim or the dquot shrinker can free th...
EUVD-2026-24793
In the Linux kernel, the following vulnerability has been resolved: xfs: save ailp before dropping the AIL lock in push callbacks In xfsinodeitempush and xfsqmdquotlogitempush, the AIL lock is dropped to perform buffer IO. Once the cluster buffer no longer protects the log item from reclaim, the...
CVE-2026-31454
In the Linux kernel, the following vulnerability has been resolved: xfs: save ailp before dropping the AIL lock in push callbacks In xfsinodeitempush and xfsqmdquotlogitempush, the AIL lock is dropped to perform buffer IO. Once the cluster buffer no longer protects the log item from reclaim, the...
CVE-2026-31454 xfs: save ailp before dropping the AIL lock in push callbacks
In the Linux kernel, the following vulnerability has been resolved: xfs: save ailp before dropping the AIL lock in push callbacks In xfsinodeitempush and xfsqmdquotlogitempush, the AIL lock is dropped to perform buffer IO. Once the cluster buffer no longer protects the log item from reclaim, the...
CVE-2026-31454
Summary: CVE-2026-31454 affects the Linux kernel's XFS code. In xfs_inode_item_push() and xfs_qm_dquot_logitem_push(), the AIL lock is dropped to perform buffer IO, which can allow a log item to be freed during reclaim. A subsequent spin_lock() may dereference lip->li_ailp, causing a use-after...
CVE-2026-31453
The CVE-2026-31453 issue affects the Linux kernel XFS path. The root cause is use-after-free-like behavior: after xfsaild_push_item() calls iop_push(), the log item could be freed if the AIL lock is dropped, allowing a freed log item to be dereferenced by tracepoints in the switch that follow. Th...
PT-2026-34358
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the XFS file system where log items may be dereferenced after push callbacks. Specifically, after the xfsaild push item function calls iop push, the log item might hav...
PT-2026-34359
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the XFS file system. In the functions xfs inode item push and xfs qm dquot logitem push, the AIL lock is released to perform buffer IO. This allows the l...