Linux Kernel Vulnerability in Btrfs Logging Mechanism
CVE-2026-43118

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 6 May 2026

What is CVE-2026-43118?

A logging issue in the Btrfs file system of the Linux kernel can lead to incorrect inode sizes after a log replay. When an inode is logged with a reset generation and its size is zero, subsequent logging actions can cause the system to skip updating the inode's size during log replay. This can result in the inode maintaining an incorrect size, particularly if a hard link or rename occurs after the initial logging. This vulnerability emphasizes the importance of accurate inode size handling during logging operations to ensure system integrity across unexpected shutdowns.

Affected Version(s)

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 03e966b63df5b06790310c1faaf3e0cb43adea8b

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 5254d4181add9dfaa5e3519edd71cc8f752b2f85

References

https://git.kernel.org/stable/c/fddb157536e67a055597f00a8...

https://git.kernel.org/stable/c/03e966b63df5b06790310c1fa...

https://git.kernel.org/stable/c/5254d4181add9dfaa5e3519ed...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 6, 2026
Vulnerability Reserved
May 1, 2026

CVE-2026-43118 Data

JSON