CVE-2026-46080
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
27/05/2026
Last modified:
24/06/2026
Description
In the Linux kernel, the following vulnerability has been resolved:<br />
<br />
ocfs2: split transactions in dio completion to avoid credit exhaustion<br />
<br />
During ocfs2 dio operations, JBD2 may report warnings via following<br />
call trace:<br />
ocfs2_dio_end_io_write<br />
ocfs2_mark_extent_written<br />
ocfs2_change_extent_flag<br />
ocfs2_split_extent<br />
ocfs2_try_to_merge_extent<br />
ocfs2_extend_rotate_transaction<br />
ocfs2_extend_trans<br />
jbd2__journal_restart<br />
start_this_handle<br />
output: JBD2: kworker/6:2 wants too many credits credits:5450 rsv_credits:0 max:5449<br />
<br />
To prevent exceeding the credits limit, modify ocfs2_dio_end_io_write() to<br />
handle extents in a batch of transaction.<br />
<br />
Additionally, relocate ocfs2_del_inode_from_orphan(). The orphan inode<br />
should only be removed from the orphan list after the extent tree update<br />
is complete. This ensures that if a crash occurs in the middle of extent<br />
tree updates, we won&#39;t leave stale blocks beyond EOF.<br />
<br />
This patch also changes the logic for updating the inode size and removing<br />
orphan, making it similar to ext4_dio_write_end_io(). Both operations are<br />
performed only when everything looks good.<br />
<br />
Finally, thanks to Jans and Joseph for providing the bug fix prototype and<br />
suggestions.
Impact
Base Score 3.x
5.50
Severity 3.x
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 4.6 (including) | 5.10.258 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.11 (including) | 5.15.209 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.16 (including) | 6.1.175 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.2 (including) | 6.6.140 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.7 (including) | 6.12.86 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.13 (including) | 6.18.27 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.19 (including) | 7.0.4 (excluding) |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- https://git.kernel.org/stable/c/069c3fb310e9336cf48cfdf8748a32c29fd0193d
- https://git.kernel.org/stable/c/1e99bb19994246514d63e656492904176f9d5edd
- https://git.kernel.org/stable/c/3c636a3edca9c3f180b3079f94fe7e115730d9c6
- https://git.kernel.org/stable/c/886f97fa59d0bbfa9859fb1a66dd9e014b522d89
- https://git.kernel.org/stable/c/91e05ac2336d00d5b99fc774be4bd50039084796
- https://git.kernel.org/stable/c/97c03c0e9f73a5049794b3c69ee60fb5e8b0ebd8
- https://git.kernel.org/stable/c/d647c5b2fbf81560818dacade360abc8c00a9665
- https://git.kernel.org/stable/c/ea5bb1d20da756e4f41a48dad42b2e7d6e73f71e



