CVE Catalog

CVE-2026-31451

MediumCVSS 5.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.12%

2th percentile - higher than 2% of all known CVEs

Summary

In the Linux kernel, the ext4 filesystem replaces BUG_ON() with proper error handling in ext4_read_inline_folio. When inline data size exceeds PAGE_SIZE, instead of kernel panic, an error is logged, buffer head is released, and -EFSCORRUPTED is returned.

Risk Assessment

The vulnerability can cause kernel panic on ext4 filesystem corruption, leading to system downtime and potential data loss.

Recommendation

Immediately update the Linux kernel to a version containing the fix (commit replacing BUG_ON). Monitor system logs for ext4_error_inode() messages to detect filesystem corruption.

Original NVD description (English source)

In the Linux kernel, the following vulnerability has been resolved: ext4: replace BUG_ON with proper error handling in ext4_read_inline_folio Replace BUG_ON() with proper error handling when inline data size exceeds PAGE_SIZE. This prevents kernel panic and allows the system to continue running while properly reporting the filesystem corruption. The error is logged via ext4_error_inode(), the buffer head is released to prevent memory leak, and -EFSCORRUPTED is returned to indicate filesystem corruption.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS