Home

Description

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix NULL i_assoc_inode dereference in nilfs_mdt_save_to_shadow_map The DAT inode's btree node cache (i_assoc_inode) is initialized lazily during btree operations. However, nilfs_mdt_save_to_shadow_map() assumes i_assoc_inode is already initialized when copying dirty pages to the shadow map during GC. If NILFS_IOCTL_CLEAN_SEGMENTS is called immediately after mount before any btree operation has occurred on the DAT inode, i_assoc_inode is NULL leading to a general protection fault. Fix this by calling nilfs_attach_btree_node_cache() on the DAT inode in nilfs_dat_read() at mount time, ensuring i_assoc_inode is always initialized before any GC operation can use it.

PUBLISHED Reserved 2026-03-09 | Published 2026-04-24 | Updated 2026-04-27 | Assigner Linux

Product status

Default status
unaffected

e897be17a441fa637cd166fc3de1445131e57692 (git) before 7318e3549518ce8f14776a489d86488d80d7e2c8
affected

e897be17a441fa637cd166fc3de1445131e57692 (git) before 449ec5fc99f45974525ba9eea16b6670c45cd363
affected

e897be17a441fa637cd166fc3de1445131e57692 (git) before c36e206f302f1ddefed92d09ecbba070e1ae079e
affected

e897be17a441fa637cd166fc3de1445131e57692 (git) before 41de342278ae025c99cc8d33648773f05e306cf1
affected

e897be17a441fa637cd166fc3de1445131e57692 (git) before 97fb7afec404912d967a7d4715f37742666b3084
affected

e897be17a441fa637cd166fc3de1445131e57692 (git) before 4a4e0328edd9e9755843787d28f16dd4165f8b48
affected

6c3da8c0a35bbafe359d9166269d5590f29664de (git)
affected

605babb979c213737618b1c837e89624e5ab11fd (git)
affected

307d021b1a7f33048b624f7aaeaa75e3eae571f1 (git)
affected

d626fcdabea2258be395a775bdbe09270e9bf73d (git)
affected

d05cc5395e36711edad8bdef6945f138d8a7097b (git)
affected

1829b24a36ca12ca95b96d5478faeff40c17f2b6 (git)
affected

Default status
affected

5.18
affected

Any version before 5.18
unaffected

6.6.136 (semver)
unaffected

6.12.83 (semver)
unaffected

6.18.24 (semver)
unaffected

6.19.14 (semver)
unaffected

7.0.1 (semver)
unaffected

7.1-rc1 (original_commit_for_fix)
unaffected

References

git.kernel.org/...c/7318e3549518ce8f14776a489d86488d80d7e2c8

git.kernel.org/...c/449ec5fc99f45974525ba9eea16b6670c45cd363

git.kernel.org/...c/c36e206f302f1ddefed92d09ecbba070e1ae079e

git.kernel.org/...c/41de342278ae025c99cc8d33648773f05e306cf1

git.kernel.org/...c/97fb7afec404912d967a7d4715f37742666b3084

git.kernel.org/...c/4a4e0328edd9e9755843787d28f16dd4165f8b48

cve.org (CVE-2026-31577)

nvd.nist.gov (CVE-2026-31577)

Download JSON