CVE Catalog

CVE-2026-31463

Critical
Published: Translated: NVD NIST

Summary

A vulnerability has been identified in the Linux kernel regarding invalid folio access when i_blkbits differs from I/O granularity. This issue affects situations where IO can be submitted for less than the full folio, leading to improper management of the folio context.

Risk Assessment

Organizations may face data integrity issues and improper I/O operations, potentially leading to data loss or system crashes.

Recommendation

It is recommended to update the Linux kernel to the latest version to mitigate this vulnerability and ensure proper folio access management.

Original NVD description (English source)

In the Linux kernel, the following vulnerability has been resolved: iomap: fix invalid folio access when i_blkbits differs from I/O granularity Commit aa35dd5cbc06 ("iomap: fix invalid folio access after folio_end_read()") partially addressed invalid folio access for folios without an ifs attached, but it did not handle the case where 1 << inode->i_blkbits matches the folio size but is different from the granularity used for the IO, which means IO can be submitted for less than the full folio for the !ifs case. In this case, the condition: if (*bytes_submitted == folio_len) ctx->cur_folio = NULL; in iomap_read_folio_iter() will not invalidate ctx->cur_folio, and iomap_read_end() will still be called on the folio even though the IO helper owns it and will finish the read on it. Fix this by unconditionally invalidating ctx->cur_folio for the !ifs case.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS