Race Condition Vulnerability in Linux Kernel Affecting F2FS
CVE-2026-46194

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 28 May 2026

What is CVE-2026-46194?

A race condition exists in the Linux kernel's handling of F2FS due to improper management of extent nodes during concurrent write operations. When the F2FS file system handles inode drops with I_SYNC set, an unprotected writeback thread can inadvertently insert new extent nodes into the same tree being manipulated, leading to potential crashes. This condition arises because the necessary flag, FI_NO_EXTENT, is not set before nodes are cleared. This issue not only results in instability but also compromises data integrity during concurrent access scenarios. The recent patch implements additional locking and flag checks to safeguard against such race conditions, ensuring enhanced stability and reliability of the F2FS file system.

Affected Version(s)

Linux 295b50e95e900da31ff237e46e04525fa799b2cf < 42dd1c91f993431d0b399502479d00e6ad1bca71

Linux 924f7dd1e832e4e4530d14711db223d2803f7b61

Linux 3fc5d5a182f6a1f8bd4dc775feb54c369dd2c343

References

https://git.kernel.org/stable/c/42dd1c91f993431d0b3995024...

https://git.kernel.org/stable/c/ab1eaf9d5c99042f5b0243bf6...

https://git.kernel.org/stable/c/b0e4395870eb3441ddc959f67...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 28, 2026
Vulnerability Reserved
May 13, 2026

CVE-2026-46194 Data

JSON