-
CVE-2026-31434
- EPSS 0.03%
- Veröffentlicht 22.04.2026 14:16:36
- Zuletzt bearbeitet 23.04.2026 16:17:41
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
btrfs: fix leak of kobject name for sub-group space_info
In the Linux kernel, the following vulnerability has been resolved:
btrfs: fix leak of kobject name for sub-group space_info
When create_space_info_sub_group() allocates elements of
space_info->sub_group[], kobject_init_and_add() is called for each
element via btrfs_sysfs_add_space_info_type(). However, when
check_removing_space_info() frees these elements, it does not call
btrfs_sysfs_remove_space_info() on them. As a result, kobject_put() is
not called and the associated kobj->name objects are leaked.
This memory leak is reproduced by running the blktests test case
zbd/009 on kernels built with CONFIG_DEBUG_KMEMLEAK. The kmemleak
feature reports the following error:
unreferenced object 0xffff888112877d40 (size 16):
comm "mount", pid 1244, jiffies 4294996972
hex dump (first 16 bytes):
64 61 74 61 2d 72 65 6c 6f 63 00 c4 c6 a7 cb 7f data-reloc......
backtrace (crc 53ffde4d):
__kmalloc_node_track_caller_noprof+0x619/0x870
kstrdup+0x42/0xc0
kobject_set_name_vargs+0x44/0x110
kobject_init_and_add+0xcf/0x150
btrfs_sysfs_add_space_info_type+0xfc/0x210 [btrfs]
create_space_info_sub_group.constprop.0+0xfb/0x1b0 [btrfs]
create_space_info+0x211/0x320 [btrfs]
btrfs_init_space_info+0x15a/0x1b0 [btrfs]
open_ctree+0x33c7/0x4a50 [btrfs]
btrfs_get_tree.cold+0x9f/0x1ee [btrfs]
vfs_get_tree+0x87/0x2f0
vfs_cmd_create+0xbd/0x280
__do_sys_fsconfig+0x3df/0x990
do_syscall_64+0x136/0x1540
entry_SYSCALL_64_after_hwframe+0x76/0x7e
To avoid the leak, call btrfs_sysfs_remove_space_info() instead of
kfree() for the elements.Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerLinux
≫
Produkt
Linux
Default Statusunaffected
Version
64c7ddda83acfbaa0efb381a1928ce908c584607
Version <
416484f21a9d1280cf6daa7ebc10c79b59c46e48
Status
affected
Version
0bd151ce4200ca847990e05cca29a76456982ca5
Version <
94054ffd311a1f76b7093ba8ebf50bdb0d28337c
Status
affected
Version
190d5a7c4fe42b8c9aa46e3336389e7cb10395bb
Version <
1737ddeafbb1304f41ec2eede4f7366082e7c96a
Status
affected
Version
f92ee31e031c7819126d2febdda0c3e91f5d2eb9
Version <
3c844d01f9874a43004c82970d8da94f9aba8949
Status
affected
Version
f92ee31e031c7819126d2febdda0c3e91f5d2eb9
Version <
3c645c6f7e5470debbb81666b230056de48f36dc
Status
affected
Version
f92ee31e031c7819126d2febdda0c3e91f5d2eb9
Version <
a4376d9a5d4c9610e69def3fc0b32c86a7ab7a41
Status
affected
HerstellerLinux
≫
Produkt
Linux
Default Statusaffected
Version
6.16
Status
affected
Version
0
Version <
6.16
Status
unaffected
Version <=
6.1.*
Version
6.1.168
Status
unaffected
Version <=
6.6.*
Version
6.6.131
Status
unaffected
Version <=
6.12.*
Version
6.12.80
Status
unaffected
Version <=
6.18.*
Version
6.18.21
Status
unaffected
Version <=
6.19.*
Version
6.19.11
Status
unaffected
Version <=
*
Version
7.0
Status
unaffected
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.03% | 0.092 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|