Home

Description

In the Linux kernel, the following vulnerability has been resolved: erofs: add GFP_NOIO in the bio completion if needed The bio completion path in the process context (e.g. dm-verity) will directly call into decompression rather than trigger another workqueue context for minimal scheduling latencies, which can then call vm_map_ram() with GFP_KERNEL. Due to insufficient memory, vm_map_ram() may generate memory swapping I/O, which can cause submit_bio_wait to deadlock in some scenarios. Trimmed down the call stack, as follows: f2fs_submit_read_io submit_bio //bio_list is initialized. mmc_blk_mq_recovery z_erofs_endio vm_map_ram __pte_alloc_kernel __alloc_pages_direct_reclaim shrink_folio_list __swap_writepage submit_bio_wait //bio_list is non-NULL, hang!!! Use memalloc_noio_{save,restore}() to wrap up this path.

PUBLISHED Reserved 2026-03-09 | Published 2026-04-22 | Updated 2026-04-27 | Assigner Linux




HIGH: 7.5CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Product status

Default status
unaffected

648f2de053a882c87c05f0060f47d3b11841fdbe (git) before d6565ea662e17d45a577184b0011bd69de22dc2b
affected

648f2de053a882c87c05f0060f47d3b11841fdbe (git) before d9d8360cb66e3b599d89d2526e7da8b530ebf2ff
affected

648f2de053a882c87c05f0060f47d3b11841fdbe (git) before 5c8ecdcfbfb0b0c6a82a4ebadc1ddea61609b902
affected

648f2de053a882c87c05f0060f47d3b11841fdbe (git) before 378949f46e897204384f3f5f91e42e93e3f87568
affected

648f2de053a882c87c05f0060f47d3b11841fdbe (git) before da40464064599eefe78749f75cd2bba371044c04
affected

648f2de053a882c87c05f0060f47d3b11841fdbe (git) before e83e20b82859f0588e9a52a6fa9fea704a2061cf
affected

648f2de053a882c87c05f0060f47d3b11841fdbe (git) before c23df30915f83e7257c8625b690a1cece94142a0
affected

Default status
affected

5.13
affected

Any version before 5.13
unaffected

5.15.203 (semver)
unaffected

6.1.168 (semver)
unaffected

6.6.131 (semver)
unaffected

6.12.80 (semver)
unaffected

6.18.21 (semver)
unaffected

6.19.11 (semver)
unaffected

7.0 (original_commit_for_fix)
unaffected

References

git.kernel.org/...c/d6565ea662e17d45a577184b0011bd69de22dc2b

git.kernel.org/...c/d9d8360cb66e3b599d89d2526e7da8b530ebf2ff

git.kernel.org/...c/5c8ecdcfbfb0b0c6a82a4ebadc1ddea61609b902

git.kernel.org/...c/378949f46e897204384f3f5f91e42e93e3f87568

git.kernel.org/...c/da40464064599eefe78749f75cd2bba371044c04

git.kernel.org/...c/e83e20b82859f0588e9a52a6fa9fea704a2061cf

git.kernel.org/...c/c23df30915f83e7257c8625b690a1cece94142a0

cve.org (CVE-2026-31467)

nvd.nist.gov (CVE-2026-31467)

Download JSON