CVE-2026-53303
概要

In the Linux kernel, the following vulnerability has been resolved:

f2fs: protect extension_list reading with sb_lock in f2fs_sbi_show()

In f2fs_sbi_show(), the extension_list, extension_count and
hot_ext_count are read without holding sbi->sb_lock. If a concurrent
sysfs store modifies the extension list via f2fs_update_extension_list(),
the show path may read inconsistent count and array contents, potentially
leading to out-of-bounds access or displaying stale data.

Fix this by holding sb_lock around the entire extension list read
and format operation.

公表日 2026年6月27日5:17
登録日 2026年6月29日4:16
最終更新日 2026年6月27日5:17
関連情報、対策とツール
共通脆弱性一覧