5.5

CVE-2026-43262

gfs2: fiemap page fault fix

In the Linux kernel, the following vulnerability has been resolved:

gfs2: fiemap page fault fix

In gfs2_fiemap(), we are calling iomap_fiemap() while holding the inode
glock.  This can lead to recursive glock taking if the fiemap buffer is
memory mapped to the same inode and accessing it triggers a page fault.

Fix by disabling page faults for iomap_fiemap() and faulting in the
buffer by hand if necessary.

Fixes xfstest generic/742.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 2.6.29 < 5.15.202
LinuxLinux Kernel Version >= 5.16 < 6.1.165
LinuxLinux Kernel Version >= 6.2 < 6.6.128
LinuxLinux Kernel Version >= 6.7 < 6.12.75
LinuxLinux Kernel Version >= 6.13 < 6.18.16
LinuxLinux Kernel Version >= 6.19 < 6.19.6
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.11% 0.018
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-401 Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.

https://git.kernel.org/stable/c/5d5d9ec957bfa1eb2b05861c19f5d701dd006db7
Patch
https://git.kernel.org/stable/c/cead3bebf3e318578b8a86a5472015d713d2a8a8
Patch
https://git.kernel.org/stable/c/e428670cfb2993d8c224effd076242ca6b0950de
Patch
https://git.kernel.org/stable/c/5d2c4f182ea8516de8682e2b60411c03df00e3ea
Patch
https://git.kernel.org/stable/c/2e121c53b581e40397ae08090a7af4ed10781fbc
Patch
https://git.kernel.org/stable/c/9d15fee888f0e8938c9aeed71ec9c2cbba0c88ab
Patch
https://git.kernel.org/stable/c/e411d74cc5ba290f85d0dd5e4d1df8f1d6d975d2
Patch