Denial of Service Vulnerability in Linux Kernel OCFS2 by Vendor Oracle
CVE-2026-46080

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 27 May 2026

What is CVE-2026-46080?

A vulnerability has been identified within the OCFS2 file system of the Linux kernel that potentially allows for Denial of Service due to excessive credit usage during Direct I/O (DIO) operations. Specifically, the issue arises when JBD2 reports warnings regarding credit exhaustion, which can lead to operational disruptions. The anomaly occurs during multiple extent handling in transactions, leading to system instability if the maximum credits are surpassed. To rectify this, modifications have been proposed to manage extents in batches, thus maintaining operations within credit limits and ensuring the integrity of inode updates during operations. This fix enhances reliability and stability in OCFS2 file system transactions.

Affected Version(s)

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 886f97fa59d0bbfa9859fb1a66dd9e014b522d89

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 3c636a3edca9c3f180b3079f94fe7e115730d9c6

References

https://git.kernel.org/stable/c/886f97fa59d0bbfa9859fb1a6...

https://git.kernel.org/stable/c/ea5bb1d20da756e4f41a48dad...

https://git.kernel.org/stable/c/3c636a3edca9c3f180b3079f9...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 27, 2026
Vulnerability Reserved
May 13, 2026

CVE-2026-46080 Data

JSON