SB2026052827 - Integer underflow in Linux kernel md driver
Published: May 28, 2026
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 vulnerability.
1) Integer underflow (CVE-ID: CVE-2026-46050)
CWE-ID: CWE-191 - Integer underflow
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a local user to cause a denial of service.
The vulnerability exists due to an integer underflow in the md/raid10 request handling logic when processing nowait I/O requests during an array check operation. A local user can issue nowait I/O on the same array while a check operation is running to cause a denial of service.
The issue can cause the md resync thread and other requests to become stuck waiting on the barrier state.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/1cdff2937c618f81058422bbdc4974a3e7ec9379
- https://git.kernel.org/stable/c/42fe37c90184cd1568838b84b488934c3671c963
- https://git.kernel.org/stable/c/7d96f3120a7fb7210d21b520c5b6f495da6ba436
- https://git.kernel.org/stable/c/965d6162dd88cc7cc193cf7f5bfc132d8bbf0523
- https://git.kernel.org/stable/c/cac2106bb9a2180b288079b49ed626414fb5bc45