CVE-2026-31455

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> xfs: stop reclaim before pushing AIL during unmount<br /> <br /> The unmount sequence in xfs_unmount_flush_inodes() pushed the AIL while<br /> background reclaim and inodegc are still running. This is broken<br /> independently of any use-after-free issues - background reclaim and<br /> inodegc should not be running while the AIL is being pushed during<br /> unmount, as inodegc can dirty and insert inodes into the AIL during the<br /> flush, and background reclaim can race to abort and free dirty inodes.<br /> <br /> Reorder xfs_unmount_flush_inodes() to stop inodegc and cancel background<br /> reclaim before pushing the AIL. Stop inodegc before cancelling<br /> m_reclaim_work because the inodegc worker can re-queue m_reclaim_work<br /> via xfs_inodegc_set_reclaimable.