CVE-2026-45912
Awaiting Analysis Awaiting Analysis - Queue
ext4 Filesystem Extent Splitting Cache Issue

Publication date: 2026-05-27

Last updated on: 2026-05-27

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: ext4: don't cache extent during splitting extent Caching extents during the splitting process is risky, as it may result in stale extents remaining in the status tree. Moreover, in most cases, the corresponding extent block entries are likely already cached before the split happens, making caching here not particularly useful. Assume we have an unwritten extent, and then DIO writes the first half. [UUUUUUUUUUUUUUUU] on-disk extent U: unwritten extent [UUUUUUUUUUUUUUUU] extent status tree |<- ->| ----> dio write this range First, when ext4_split_extent_at() splits this extent, it truncates the existing extent and then inserts a new one. During this process, this extent status entry may be shrunk, and calls to ext4_find_extent() and ext4_cache_extents() may occur, which could potentially insert the truncated range as a hole into the extent status tree. After the split is completed, this hole is not replaced with the correct status. [UUUUUUU|UUUUUUUU] on-disk extent U: unwritten extent [UUUUUUU|HHHHHHHH] extent status tree H: hole Then, the outer calling functions will not correct this remaining hole extent either. Finally, if we perform a delayed buffer write on this latter part, it will re-insert the delayed extent and cause an error in space accounting. In adition, if the unwritten extent cache is not shrunk during the splitting, ext4_cache_extents() also conflicts with existing extents when caching extents. In the future, we will add checks when caching extents, which will trigger a warning. Therefore, Do not cache extents that are being split.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-05-27
Last Modified
2026-05-27
Generated
2026-06-16
AI Q&A
2026-05-27
EPSS Evaluated
2026-06-15
NVD
CVE-2026-45912
EUVD
EUVD-2026-32378
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
linux linux_kernel *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability exists in the Linux kernel's ext4 filesystem related to how extents are cached during the splitting process. Specifically, caching extents while splitting can lead to stale extents remaining in the extent status tree. When an unwritten extent is partially written using direct I/O (DIO), the splitting function truncates the existing extent and inserts a new one. During this, the extent status entry may shrink and cause incorrect entries (holes) to be inserted into the extent status tree, which are not corrected afterward.

This results in inconsistencies where the extent status tree shows holes instead of the correct extent status. If a delayed buffer write occurs on the affected part, it can cause errors in space accounting. Additionally, if the unwritten extent cache is not properly shrunk during splitting, caching extents can conflict with existing extents, potentially triggering warnings or errors in the future.

Impact Analysis

This vulnerability can lead to errors in space accounting within the ext4 filesystem. Specifically, stale or incorrect extent entries may cause the filesystem to mismanage disk space allocation, potentially leading to data corruption or loss.

If delayed buffer writes occur on the affected extents, the system may re-insert delayed extents incorrectly, causing further inconsistencies. This can impact system stability and reliability, especially in environments relying on accurate filesystem operations.

Mitigation Strategies

The vulnerability has been resolved in the Linux kernel by not caching extents during the splitting process in ext4. To mitigate this vulnerability, you should update your Linux kernel to a version that includes this fix.

Avoid using kernel versions where ext4 caches extents during splitting, as this can cause stale extents and errors in space accounting.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-45912. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart