CVE-2026-31666

*** Pendiente de traducción *** In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> btrfs: fix incorrect return value after changing leaf in lookup_extent_data_ref()<br /> <br /> After commit 1618aa3c2e01 ("btrfs: simplify return variables in<br /> lookup_extent_data_ref()"), the err and ret variables were merged into<br /> a single ret variable. However, when btrfs_next_leaf() returns 0<br /> (success), ret is overwritten from -ENOENT to 0. If the first key in<br /> the next leaf does not match (different objectid or type), the function<br /> returns 0 instead of -ENOENT, making the caller believe the lookup<br /> succeeded when it did not. This can lead to operations on the wrong<br /> extent tree item, potentially causing extent tree corruption.<br /> <br /> Fix this by returning -ENOENT directly when the key does not match,<br /> instead of relying on the ret variable.