-

CVE-2026-43065

EPSS 0.03%
Veröffentlicht 05.05.2026 16:16:15
Zuletzt bearbeitet 06.05.2026 13:08:07
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

ext4: always drain queued discard work in ext4_mb_release()

In the Linux kernel, the following vulnerability has been resolved:

ext4: always drain queued discard work in ext4_mb_release()

While reviewing recent ext4 patch[1], Sashiko raised the following
concern[2]:

> If the filesystem is initially mounted with the discard option,
> deleting files will populate sbi->s_discard_list and queue
> s_discard_work. If it is then remounted with nodiscard, the
> EXT4_MOUNT_DISCARD flag is cleared, but the pending s_discard_work is
> neither cancelled nor flushed.

[1] https://lore.kernel.org/r/20260319094545.19291-1-qiang.zhang@linux.dev/
[2] https://sashiko.dev/#/patchset/20260319094545.19291-1-qiang.zhang%40linux.dev

The concern was valid, but it had nothing to do with the patch[1].
One of the problems with Sashiko in its current (early) form is that
it will detect pre-existing issues and report it as a problem with the
patch that it is reviewing.

In practice, it would be hard to hit deliberately (unless you are a
malicious syzkaller fuzzer), since it would involve mounting the file
system with -o discard, and then deleting a large number of files,
remounting the file system with -o nodiscard, and then immediately
unmounting the file system before the queued discard work has a change
to drain on its own.

Fix it because it's a real bug, and to avoid Sashiko from raising this
concern when analyzing future patches to mballoc.c.

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 10

CNA 2 VulnDex Vulnerability Enrichment 13

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version 55cdd0af2bc5ffc92a2deb745627755aecd5db33

Version < e96c2354b170aaa53300c8e8fd59e41b133160f7

Status affected

Version 55cdd0af2bc5ffc92a2deb745627755aecd5db33

Version < c360e9d0def4f4ae03254a67c683103908555b75

Status affected

Version 55cdd0af2bc5ffc92a2deb745627755aecd5db33

Version < 1c82f863f090ab899085bdfade073313384b514b

Status affected

Version 55cdd0af2bc5ffc92a2deb745627755aecd5db33

Version < 9b4d9dda6a71ad3425c8109d27c4c6bfb9da97b8

Status affected

Version 55cdd0af2bc5ffc92a2deb745627755aecd5db33

Version < 812b6a7cd3e7f3a3e8a24db85bc6313c26cb1098

Status affected

Version 55cdd0af2bc5ffc92a2deb745627755aecd5db33

Version < b4737e26d4688b8aea88ad6ea4dbfeb6e78b0327

Status affected

Version 55cdd0af2bc5ffc92a2deb745627755aecd5db33

Version < 9ee29d20aab228adfb02ca93f87fb53c56c2f3af

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 5.15

Status affected

Version 0

Version < 5.15

Status unaffected

Version <= 5.15.*

Version 5.15.203

Status unaffected

Version <= 6.1.*

Version 6.1.168

Status unaffected

Version <= 6.6.*

Version 6.6.131

Status unaffected

Version <= 6.12.*

Version 6.12.80

Status unaffected

Version <= 6.18.*

Version 6.18.21

Status unaffected

Version <= 6.19.*

Version 6.19.11

Status unaffected

Version <= *

Version 7.0

Status unaffected

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.03%	0.093

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

Es wurden noch keine Informationen zu CWE veröffentlicht.

https://git.kernel.org/stable/c/1c82f863f090ab899085bdfade073313384b514b

https://git.kernel.org/stable/c/812b6a7cd3e7f3a3e8a24db85bc6313c26cb1098

https://git.kernel.org/stable/c/9b4d9dda6a71ad3425c8109d27c4c6bfb9da97b8

https://git.kernel.org/stable/c/9ee29d20aab228adfb02ca93f87fb53c56c2f3af

https://git.kernel.org/stable/c/b4737e26d4688b8aea88ad6ea4dbfeb6e78b0327

https://git.kernel.org/stable/c/c360e9d0def4f4ae03254a67c683103908555b75

https://git.kernel.org/stable/c/e96c2354b170aaa53300c8e8fd59e41b133160f7

https://nvd.nist.gov/vuln/detail/CVE-2026-43065

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2026-43065

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2026-43065

EUVD