Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: btrfs: Always detect conflicting inodes when logging inode refs After renaming an inode, either through the rename operation or through regular renames in multiple non-atomic steps, if two inodes exist and at least one of them is...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: btrfs: Do not abort the filesystem when attempting to take a snapshot of a deleted subvolume. If the source file descriptor for the snapshot ioctl refers to a deleted subvolume, the following abort occurs: BTRFS: Transaction...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: btrfs: Fixed a lockup issue caused by a race condition between inode eviction and inode caching. There is a race condition between inode eviction and inode caching that can cause a live struct btrfsinode to be missing from the...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In btrfsgetrootref in fs/btrfs/disk-io.c within the Linux kernel, up to version 6.7.1, there may be an assertion failure and a crash occurring because a subvolume can be read out too early after its root item is inserted during subvolume creation...

CVE-2026-43361

A flaw was found in the Linux kernel's Btrfs filesystem. A malicious user can exploit this by repeatedly creating snapshots of a previously received subvolume. This action can lead to an item overflow, causing a transaction abort and forcing the filesystem into a read-only state. This results in ...

EUVD-2026-28665

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix transaction abort on set received ioctl due to item overflow If the set received ioctl fails due to an item overflow when attempting to add the BTRFSUUIDKEYRECEIVEDSUBVOL we have to abort the transaction since we did...

EUVD-2026-28667

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix transaction abort when snapshotting received subvolumes Currently a user can trigger a transaction abort by snapshotting a previously received snapshot a bunch of times until we reach a BTRFSUUIDKEYRECEIVEDSUBVOL item...

CVE-2026-43359

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix transaction abort on set received ioctl due to item overflow If the set received ioctl fails due to an item overflow when attempting to add the BTRFSUUIDKEYRECEIVEDSUBVOL we have to abort the transaction since we did...

CVE-2026-43359

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix transaction abort on set received ioctl due to item overflow If the set received ioctl fails due to an item overflow when attempting to add the BTRFSUUIDKEYRECEIVEDSUBVOL we have to abort the transaction since we did...

CVE-2026-43359

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix transaction abort on set received ioctl due to item overflow If the set received ioctl fails due to an item overflow when attempting to add the BTRFSUUIDKEYRECEIVEDSUBVOL we have to abort the transaction since we did...

PT-2026-39020

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the btrfs component where the 'set received' ioctl can trigger a transaction abort due to an item overflow when adding the BTRFS UUID KEY RECEIVED SUBVOL. A user who...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: btrfs: Do not ASSERT if the newly created subvolume has already been read. BUG There is a syzbot crash, triggered by the ASSERT during subvolume creation: Assertion failed: !anondev, in fs/btrfs/disk-io.c:1319 ----------- cut...

Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: btrfs: Do not free the qgroup space unless specified. Boris noticed during his simple quota testing that there was a leak caused by Sweet Tea’s change to the subvol create function, which would stop a transaction commit. This...

btrfs: set BTRFS_ROOT_ORPHAN_CLEANUP during subvol create

...

SUSE CVE-2026-31519

In the Linux kernel, the following vulnerability has been resolved: btrfs: set BTRFSROOTORPHANCLEANUP during subvol create We have recently observed a number of subvolumes with broken dentries. ls-ing the parent dir looks like: drwxrwxrwt 1 root root 16 Jan 23 16:49 . drwxr-xr-x 1 root root 24 Ja...

CVE-2026-31519

A flaw was found in the Linux kernel's Btrfs filesystem. A race condition, a situation where the outcome depends on the sequence or timing of uncontrollable events, can occur during the creation and cleanup of subvolumes. This can result in a valid subvolume being incorrectly marked as a broken...

EUVD-2026-24903

In the Linux kernel, the following vulnerability has been resolved: btrfs: set BTRFSROOTORPHANCLEANUP during subvol create We have recently observed a number of subvolumes with broken dentries. ls-ing the parent dir looks like: drwxrwxrwt 1 root root 16 Jan 23 16:49 . drwxr-xr-x 1 root root 24 Ja...

CVE-2026-31519

In the Linux kernel, the following vulnerability has been resolved: btrfs: set BTRFSROOTORPHANCLEANUP during subvol create We have recently observed a number of subvolumes with broken dentries. ls-ing the parent dir looks like: drwxrwxrwt 1 root root 16 Jan 23 16:49 . drwxr-xr-x 1 root root 24 Ja...

CVE-2026-31519

CVE-2026-31519 affects the Linux kernel btrfs subsystem. A race during subvolume creation and orphan cleanup can leave a valid subvolume’s dentry in a broken state, marked as a broken entry in the directory cache, preventing deletion or new writes in that location. Root cause: btrfs_orphan_cleanu...

CVE-2026-31519 btrfs: set BTRFS_ROOT_ORPHAN_CLEANUP during subvol create

In the Linux kernel, the following vulnerability has been resolved: btrfs: set BTRFSROOTORPHANCLEANUP during subvol create We have recently observed a number of subvolumes with broken dentries. ls-ing the parent dir looks like: drwxrwxrwt 1 root root 16 Jan 23 16:49 . drwxr-xr-x 1 root root 24 Ja...