Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: fs/writeback: skip AS_NO_DATA_INTEGRITY mappings in wait_sb_inodes() Above the while() loop in wait_sb_inodes(), we document that we must wait for all pages under writeback for data integrity. Consequently, if a mapping, like fuse, traditionally does not have data integrity semantics, there is no need to wait at all; we can simply skip these inodes. This restores fuse back to prior behavior where syncs are no-ops. This fixes a user regression where if a system is running a faulty fuse server that does not reply to issued write requests, this causes wait_sb_inodes() to wait forever.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | >= 6.16, < 6.18.8 |
Related Weaknesses (CWE)
References
- https://git.kernel.org/stable/c/3f4ed5e2b8f111553562507ad6202432c7c57731Patch
- https://git.kernel.org/stable/c/f9a49aa302a05e91ca01f69031cb79a0ea33031fPatch
FAQ
What is CVE-2026-23109?
CVE-2026-23109 is a vulnerability with a CVSS score of 5.5 (MEDIUM). In the Linux kernel, the following vulnerability has been resolved: fs/writeback: skip AS_NO_DATA_INTEGRITY mappings in wait_sb_inodes() Above the while() loop in wait_sb_inodes(), we document that ...
How severe is CVE-2026-23109?
CVE-2026-23109 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2026-23109?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel.