CVE-2026-43117
Published: May 9, 2026Last modified: May 9, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: btrfs: tracepoints: get correct superblock from dentry in event btrfs_sync_file() If overlay is used on top of btrfs, dentry->d_sb translates to overlay's super block and fsid assignment will lead to a crash. Use file_inode(file)->i_sb to always get btrfs_sb.
Severity score breakdown
| Parameter | Value |
|---|---|
| Base score | 9.1 |
| Attack Vector | NETWORK |
| Attack complexity | LOW |
| Privileges required | NONE |
| User interaction | NONE |
| Scope | UNCHANGED |
| Confidentiality | HIGH |
| Integrity impact | NONE |
| Availability impact | HIGH |
| Vector | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H |
Status
| Product | Release | Package | Status |
|---|---|---|---|
| Alpaquita Linux | 23 LTS | linux-lts | Vulnerable (6.1.170-r0) |
| 25 LTS | linux-lts | Fixed (6.12.85-r0) | |
| Stream | linux-lts | Fixed (6.12.85-r0) |
References
- https://git.kernel.org/stable/c/2e4adfaec97ee053ad1bdfb5036845e66f7e0d8a
- https://git.kernel.org/stable/c/32372781d664a9b03c40343e96c29d0a6139f97d
- https://git.kernel.org/stable/c/a85b46db143fda5869e7d8df8f258ccef5fa1719
- https://git.kernel.org/stable/c/c09a7446aab5773f38d6abb25fce99b8e1dfbc97
- https://git.kernel.org/stable/c/d110d7cdb045715c0b45b0dfd974525bb38f653d