NVD Vulnerability Detail

Search Exploit, PoC

NVD脆弱性検索トップ

->

NVD Vulnerability Detail

CVE-2026-45861

Summary	In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix slab-use-after-free in qd_put Commit a475c5dd16e5 ("gfs2: Free quota data objects synchronously") started freeing quota data objects during filesystem shutdown instead of putting them back onto the LRU list, but it failed to remove these objects from the LRU list, causing LRU list corruption. This caused use-after-free when the shrinker (gfs2_qd_shrink_scan) tried to access already-freed objects on the LRU list. Fix this by removing qd objects from the LRU list before freeing them in qd_put(). Initial fix from Deepanshu Kartikey <kartikey406@gmail.com>.
Publication Date	May 27, 2026, 11:16 p.m.
Registration Date	May 28, 2026, 4:11 a.m.
Last Update	May 30, 2026, 8:17 p.m.

CVSS3.1 : HIGH
スコア	7.8
Vector	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
攻撃元区分(AV)	ローカル
攻撃条件の複雑さ(AC)	低
攻撃に必要な特権レベル(PR)	低
利用者の関与(UI)	不要
影響の想定範囲(S)	変更なし
機密性への影響(C)	高
完全性への影響(I)	高
可用性への影響(A)	高

Related information, measures and tools

No	URL	refsource	タグ
1	https://git.kernel.org/stable/c/1d47922b98046b8070a77347fb883a6523792803	416baaa9-dc9f-4396-8d5f-8c081fb06d67
2	https://git.kernel.org/stable/c/22150a7d401d9e9169b9b68e05bed95f7f49bf69	416baaa9-dc9f-4396-8d5f-8c081fb06d67
3	https://git.kernel.org/stable/c/80fff26d7a0c3926b511661c27eecc811a420eef	416baaa9-dc9f-4396-8d5f-8c081fb06d67
4	https://git.kernel.org/stable/c/ca7c67bdd293089b3483f18886d6b2d0037d2ad9	416baaa9-dc9f-4396-8d5f-8c081fb06d67

Common Vulnerabilities List