CVE-2026-31514

Severity: MEDIUM · CVSS 3.1: 5.5 · EPSS 2.3%
Published: Apr 22, 2026
Last Modified: Jun 17, 2026

Description

In the Linux kernel, the following vulnerability has been resolved:

erofs: set fileio bio failed in short read case

For file-backed mount, IO requests are handled by vfs_iocb_iter_read(). However, it can be interrupted by SIGKILL, returning the number of bytes actually copied. Unused folios in bio are unexpectedly marked as uptodate.

    vfs_read
     filemap_read
      filemap_get_pages
       filemap_readahead
        erofs_fileio_readahead
         erofs_fileio_rq_submit
          vfs_iocb_iter_read
           filemap_read
            filemap_get_pages        <= detect signal
          erofs_fileio_ki_complete   <= set all folios uptodate

This patch addresses this by setting short read bio with an error directly.

CVSS Details

Base Score: 5.5
Exploitability: 1.8
Impact: 3.6
Vector string: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: None
Availability: High

Threat Intelligence

EPSS Exploit Probability
2.3% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Affected Products 3

Vendor   Product        Version   Range
linux    linux_kernel   *         ≥6.12.75 – <6.12.80
linux    linux_kernel   *         ≥6.18.14 – <6.18.21
linux    linux_kernel   *         ≥6.19.4 – <6.19.11
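
To triage hosts against the ranges in the table above, the following added example (not part of this advisory or of the kernel project; the function names are hypothetical) classifies a `uname -r` style release string. A release inside a range still needs checking against the vendor changelog, because distribution kernels backport fixes without changing the upstream version, and per the description only file-backed EROFS mounts are involved.

```shell
#!/bin/sh
# Added example: compare a kernel release string with the affected ranges
# listed on this page for CVE-2026-31514 (start inclusive, end exclusive).
AFFECTED_RANGES="6.12.75:6.12.80 6.18.14:6.18.21 6.19.4:6.19.11"

# ver_to_int "6.12.77-generic" -> 6012077 (assumes each component is < 1000).
ver_to_int() {
    _v=${1%%[!0-9.]*}              # drop distro/local suffix such as "-generic"
    case $_v in
        [0-9]*.[0-9]*) ;;
        *) return 1 ;;             # not a dotted numeric version
    esac
    _old_ifs=$IFS; IFS=.
    set -- $_v                     # split on dots into $1 $2 $3
    IFS=$_old_ifs
    echo $(( ${1:-0} * 1000000 + ${2:-0} * 1000 + ${3:-0} ))
}

# kernel_affected RELEASE
# returns 0 = inside a listed range, 1 = outside, 2 = could not parse.
kernel_affected() {
    _k=$(ver_to_int "$1") || return 2
    for _r in $AFFECTED_RANGES; do
        _lo=$(ver_to_int "${_r%%:*}")
        _hi=$(ver_to_int "${_r##*:}")
        if [ "$_k" -ge "$_lo" ] && [ "$_k" -lt "$_hi" ]; then
            return 0
        fi
    done
    return 1
}

# Human-readable verdict for one release string.
report_kernel() {
    _rc=0
    kernel_affected "$1" || _rc=$?
    case $_rc in
        0) echo "$1: inside an affected range; confirm the vendor fix is applied" ;;
        1) echo "$1: outside the listed ranges" ;;
        *) echo "$1: could not parse release string" ;;
    esac
}

report_kernel "$(uname -r)"
```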

References 4

  • git.kernel.org https://git.kernel.org/stable/c/5a5f23ef5431639db1ac3a0b274aef3a84cc413c
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/5cf3972c8221abdb1b464a14ccf8103d840b9085
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/d1ba7d6b3cd1757b108d7b6856c92ae661d6c323
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/eade54040384f54b7fb330e4b0975c5734850b3c
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/5a5f23ef5431639db1ac3a0b274aef3a84cc413c
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/5cf3972c8221abdb1b464a14ccf8103d840b9085
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/d1ba7d6b3cd1757b108d7b6856c92ae661d6c323
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/eade54040384f54b7fb330e4b0975c5734850b3c
    Patch