HIGHCVE-2026-43063Published Modified CNA Linux
CVE-2026-43063: xfs: don't irele after failing to iget in xfs_attri_recover_work
In the Linux kernel, the following vulnerability has been resolved: xfs: don't irele after failing to iget in xfs_attri_recover_work xlog_recovery_iget* never set @ip to a valid pointer if they return an error, so this irele will walk off a dangling pointer. Fix that.
Metrics
- CVSS v3.1
- 7.8
- Severity
- HIGH
- Fixed in
- 0
- Affected Products
- 2
Fix available
040082d08b638485cbaa543dc8087a3d1844d6f086.12.806.18.216.19.117.070685c291ef82269180758130394ecdc4496b52ca1a5df1038f0b3c560d204270373621a4e622808b5c5a50c2f513d4a13a6763564a07b470e69cc5a
Affected packages
- Linux / Linux< b5c5a50c2f513d4a13a6763564a07b470e69cc5a (from ae673f534a30976ce5e709c4535a59c12b786ef3) · < a1a5df1038f0b3c560d204270373621a4e622808 (from ae673f534a30976ce5e709c4535a59c12b786ef3) · < 40082d08b638485cbaa543dc8087a3d1844d6f08 (from ae673f534a30976ce5e709c4535a59c12b786ef3) · < 70685c291ef82269180758130394ecdc4496b52c (from ae673f534a30976ce5e709c4535a59c12b786ef3)
- Linux / Linux6.10Fixed in 0, 6.12.80, 6.18.21, 6.19.11, 7.0
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H