Instituto Nacional de ciberseguridad. Sección Incibe
Instituto Nacional de Ciberseguridad. Sección INCIBE-CERT

CVE-2026-45861

Gravedad CVSS v3.1:
ALTA
Tipo:
No Disponible / Otro tipo
Fecha de publicación:
27/05/2026
Última modificación:
30/05/2026

Descripción

*** Pendiente de traducción *** In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> gfs2: Fix slab-use-after-free in qd_put<br /> <br /> Commit a475c5dd16e5 ("gfs2: Free quota data objects synchronously")<br /> started freeing quota data objects during filesystem shutdown instead of<br /> putting them back onto the LRU list, but it failed to remove these<br /> objects from the LRU list, causing LRU list corruption. This caused<br /> use-after-free when the shrinker (gfs2_qd_shrink_scan) tried to access<br /> already-freed objects on the LRU list.<br /> <br /> Fix this by removing qd objects from the LRU list before freeing them in<br /> qd_put().<br /> <br /> Initial fix from Deepanshu Kartikey .