Off-by-one Vulnerability in Linux Kernel's OCFS2 DLM Region Comparison
CVE-2026-53309

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 26 June 2026

What is CVE-2026-53309?

The vulnerability resides in the region comparison loop of the OCFS2 distributed lock manager within the Linux kernel. An off-by-one error occurs due to the incorrect use of '<=' instead of '<', causing the loop to access an entry that lies outside the valid range of regions. This inconsistency poses potential risks, as it may allow unintended access to memory areas, potentially leading to system instability or unauthorized data access. The issue has been addressed by correcting the loop condition for proper validation and consistency across all similar functions.

Affected Version(s)

Linux ea2034416b54700e30371f2ad6517cbb94674083 < 760ab35040aca8399021fdb9ff1db1089feb7194

Linux ea2034416b54700e30371f2ad6517cbb94674083

Linux ea2034416b54700e30371f2ad6517cbb94674083 < 2a0673836f019e7c032acbf48d022d5ccf02a845

References

https://git.kernel.org/stable/c/760ab35040aca8399021fdb9f...

https://git.kernel.org/stable/c/c60a2710b73838d250cda5734...

https://git.kernel.org/stable/c/2a0673836f019e7c032acbf48...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 26, 2026
Vulnerability Reserved
Jun 9, 2026

CVE-2026-53309 Data

JSON