CVE-2026-43117
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
06/05/2026
Last modified:
08/05/2026
Description
In the Linux kernel, the following vulnerability has been resolved:<br />
<br />
btrfs: tracepoints: get correct superblock from dentry in event btrfs_sync_file()<br />
<br />
If overlay is used on top of btrfs, dentry->d_sb translates to overlay&#39;s<br />
super block and fsid assignment will lead to a crash.<br />
<br />
Use file_inode(file)->i_sb to always get btrfs_sb.
Impact
Base Score 3.x
9.10
Severity 3.x
CRITICAL
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 4.8 (including) | 6.6.136 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.7 (including) | 6.12.83 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.13 (including) | 6.18.24 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.19 (including) | 6.19.14 (excluding) |
| cpe:2.3:o:linux:linux_kernel:7.0:rc1:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:7.0:rc2:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:7.0:rc3:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:7.0:rc4:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:7.0:rc5:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- https://git.kernel.org/stable/c/2e4adfaec97ee053ad1bdfb5036845e66f7e0d8a
- https://git.kernel.org/stable/c/32372781d664a9b03c40343e96c29d0a6139f97d
- https://git.kernel.org/stable/c/a85b46db143fda5869e7d8df8f258ccef5fa1719
- https://git.kernel.org/stable/c/c09a7446aab5773f38d6abb25fce99b8e1dfbc97
- https://git.kernel.org/stable/c/d110d7cdb045715c0b45b0dfd974525bb38f653d