CVE-2026-31514
MEDIUM EPSS 2.3%
Published Apr 22, 20262mo ago · Modified Jun 17, 20262w ago
5.5 CVSS 3.1
Published Apr 22, 2026 2mo ago
Last Modified Jun 17, 2026 2w ago
Description
In the Linux kernel, the following vulnerability has been resolved: erofs: set fileio bio failed in short read case For file-backed mount, IO requests are handled by vfs_iocb_iter_read(). However, it can be interrupted by SIGKILL, returning the number of bytes actually copied. Unused folios in bio are unexpectedly marked as uptodate. vfs_read filemap_read filemap_get_pages filemap_readahead erofs_fileio_readahead erofs_fileio_rq_submit vfs_iocb_iter_read filemap_read filemap_get_pages <= detect signal erofs_fileio_ki_complete <= set all folios uptodate This patch addresses this by setting short read bio with an error directly.
CVSS Details
Base Score
Exploitability
Impact
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High
Threat Intelligence
EPSS Exploit Probability
2.3% percentile
Exploit & Patch Status
No Known Exploit
Patch Available
Affected Products 3
References 4
- git.kernel.org https://git.kernel.org/stable/c/5a5f23ef5431639db1ac3a0b274aef3a84cc413c
- git.kernel.org https://git.kernel.org/stable/c/5cf3972c8221abdb1b464a14ccf8103d840b9085
- git.kernel.org https://git.kernel.org/stable/c/d1ba7d6b3cd1757b108d7b6856c92ae661d6c323
- git.kernel.org https://git.kernel.org/stable/c/eade54040384f54b7fb330e4b0975c5734850b3c
Remediation
- git.kernel.org https://git.kernel.org/stable/c/5a5f23ef5431639db1ac3a0b274aef3a84cc413c
- git.kernel.org https://git.kernel.org/stable/c/5cf3972c8221abdb1b464a14ccf8103d840b9085
- git.kernel.org https://git.kernel.org/stable/c/d1ba7d6b3cd1757b108d7b6856c92ae661d6c323
- git.kernel.org https://git.kernel.org/stable/c/eade54040384f54b7fb330e4b0975c5734850b3c