CVE-2026-46095
MediumCVSS 5.5Exploitation Probability (EPSS)
Low risk2th percentile - higher than 2% of all known CVEs
Summary
In the Linux kernel, a vulnerability in the md/md-llbitmap module was found due to incorrect operation order: the barrier raise occurred after the state machine call, potentially causing race conditions. The fix moves the barrier raise before the state machine transition in llbitmap_start_write() and llbitmap_start_discard().
Risk Assessment
Lack of proper synchronization may allow concurrent resource access, leading to data corruption or unpredictable system behavior.
Recommendation
It is recommended to immediately update the Linux kernel to a version containing the fix (commit addressing CVE-2026-46095).
Original NVD description (English source)
In the Linux kernel, the following vulnerability has been resolved: md/md-llbitmap: raise barrier before state machine transition Move the barrier raise operation before calling llbitmap_state_machine() in both llbitmap_start_write() and llbitmap_start_discard(). This ensures the barrier is in place before any state transitions occur, preventing potential race conditions where the state machine could complete before the barrier is properly raised.

