CVE-2026-31453
Gravedad:
Pendiente de análisis
Tipo:
No Disponible / Otro tipo
Fecha de publicación:
22/04/2026
Última modificación:
22/04/2026
Descripción
*** Pendiente de traducción *** In the Linux kernel, the following vulnerability has been resolved:<br />
<br />
xfs: avoid dereferencing log items after push callbacks<br />
<br />
After xfsaild_push_item() calls iop_push(), the log item may have been<br />
freed if the AIL lock was dropped during the push. Background inode<br />
reclaim or the dquot shrinker can free the log item while the AIL lock<br />
is not held, and the tracepoints in the switch statement dereference<br />
the log item after iop_push() returns.<br />
<br />
Fix this by capturing the log item type, flags, and LSN before calling<br />
xfsaild_push_item(), and introducing a new xfs_ail_push_class trace<br />
event class that takes these pre-captured values and the ailp pointer<br />
instead of the log item pointer.
Impacto
Referencias a soluciones, herramientas e información
- https://git.kernel.org/stable/c/451c6329d9afa45862c36fe6677eb7750db60617
- https://git.kernel.org/stable/c/7121b22b0bac89394cc4c6a54b5aebc15347bdf5
- https://git.kernel.org/stable/c/79ef34ec0554ec04bdbafafbc9836423734e1bd6
- https://git.kernel.org/stable/c/95fb5d643cc70959baa54cd17f52f80ffc3295e7
- https://git.kernel.org/stable/c/c4d603e8e58a3bf35480135ccca2b4f7238abda5
- https://git.kernel.org/stable/c/c8a2ab339b88d10fc34a3318c92f07d8a467019d