CVE-2026-43168
OCFS2 Reflink Xattr Cleanup Flaw Fixed
Publication date: 2026-05-06
Last updated on: 2026-05-06
Assigner: kernel.org
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
How can this vulnerability impact me? :
This vulnerability relates to a bug in the Linux kernel's ocfs2 filesystem code, specifically in the cleanup process of preserved extended attribute (xattr) entries during reflink operations.
Because the cleanup logic does not handle all cases correctly, it may lead to improper management of xattr entries, potentially causing data inconsistencies or corruption in the filesystem.
Users relying on ocfs2 with reflink functionality could experience unexpected behavior or data integrity issues until the fix is applied.
Can you explain this vulnerability to me?
This vulnerability is related to the Linux kernel's ocfs2 filesystem, specifically in the handling of reflink preserve cleanup for extended attribute (xattr) entries.
A previous fix (commit c06c303832ec) intended to address an error with the xattr array entry counting (__counted_by) did not handle all cases correctly.
The bug involves the cleanup process for preserved xattr entries where the 'last' pointer should be shifted by one unit after cleaning up an array entry, but this was not done.
Additionally, the current code logic fails to clean up the first entry when the xh_count is 1.