CVE-2026-31452
Inconsistent Inline Data Handling in Linux ext4 Causes Kernel Crash
Publication date: 2026-04-22
Last updated on: 2026-05-06
Assigner: kernel.org
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | 7.0 |
| linux | linux_kernel | 7.0 |
| linux | linux_kernel | 7.0 |
| linux | linux_kernel | 7.0 |
| linux | linux_kernel | 7.0 |
| linux | linux_kernel | From 5.11 (inc) to 5.15.203 (exc) |
| linux | linux_kernel | From 5.16 (inc) to 6.1.168 (exc) |
| linux | linux_kernel | From 6.13 (inc) to 6.18.21 (exc) |
| linux | linux_kernel | From 6.19 (inc) to 6.19.11 (exc) |
| linux | linux_kernel | From 6.2 (inc) to 6.6.131 (exc) |
| linux | linux_kernel | From 6.7 (inc) to 6.12.80 (exc) |
| linux | linux_kernel | From 3.8 (inc) to 5.10.253 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-787 | The product writes data past the end, or before the beginning, of the intended buffer. |
Attack-Flow Graph
AI Powered Q&A
What immediate steps should I take to mitigate this vulnerability?
This vulnerability has been resolved by adding a check in ext4_setattr() to convert files from inline data storage to extent-based storage when truncate() grows the file size beyond the inline capacity.
To mitigate this vulnerability, you should update your Linux kernel to a version that includes this fix. This will prevent the filesystem from entering an inconsistent state and avoid kernel crashes caused by the ext4 inline data handling.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability relates to the ext4 filesystem in the Linux kernel, specifically involving inline data storage and truncation operations that can cause a kernel crash.
Detection would involve monitoring for kernel BUG_ON() crashes related to ext4 inline data handling, especially after truncate operations that increase file size beyond inline capacity.
There are no specific commands or network detection methods provided in the available information.
Can you explain this vulnerability to me?
This vulnerability exists in the Linux kernel's ext4 filesystem where files using inline data storage can enter an inconsistent state when their size is increased beyond the inline capacity.
Specifically, when a file with the inline data flag set is truncated to a size larger than what can be stored inline (around 60 bytes for i_block plus 96 bytes for extended attributes), the inline flag remains set incorrectly.
Subsequent write operations then cause the kernel to crash because the ext4_write_inline_data() function expects the data to fit inline, but the file size and write request exceed that capacity.
The fix involves adding a check in ext4_setattr() to convert files from inline data storage to extent-based storage before increasing the file size beyond the inline capacity, preventing this inconsistent state and kernel crash.
How can this vulnerability impact me? :
This vulnerability can cause the Linux kernel to crash (kernel BUG_ON) when certain file operations are performed on ext4 files that have inline data but are truncated beyond their inline storage capacity.
Such a crash can lead to system instability, potential data loss, and downtime, impacting the reliability and availability of systems using the affected ext4 filesystem.