Race condition in Linux kernel - CVE-2026-31455
Published: April 24, 2026
Vulnerability identifier: #VU127692
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2026-31455
CWE-ID: CWE-362
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vendor: Linux Foundation
Affected software:
Linux kernel
Linux kernel
Detailed vulnerability description
The vulnerability allows a local user to cause a denial of service.
The vulnerability exists due to a race condition in xfs_unmount_flush_inodes() when unmounting an XFS filesystem while background reclaim and inodegc are still running. A local user can trigger filesystem unmount operations to cause a denial of service.
The issue occurs because inodegc can dirty and insert inodes into the AIL during the flush, while background reclaim can race to abort and free dirty inodes.
How to mitigate CVE-2026-31455
Install security update from vendor's repository.
Sources
- https://git.kernel.org/stable/c/239d734c00644072862fa833805c4471573b1445
- https://git.kernel.org/stable/c/4f24a767e3d64a5f58c595b5c29b6063a201f1e3
- https://git.kernel.org/stable/c/558e3275d8a3b101be18a7fe7d1634053e9d9b07
- https://git.kernel.org/stable/c/8147e304d7d32fd5c3e943babc296ce2873dc279
- https://git.kernel.org/stable/c/a89434a6188d8430ea31120da96e3e4cefb58686
- https://git.kernel.org/stable/c/bda27fc0b4eb3a425d9a18475c4cb94fbe862c60
- https://git.kernel.org/stable/c/d38135af04a3ad8a585c899d176efc8e97853115
- https://git.kernel.org/stable/c/e6cc490048f78b009259a5f032acead9f789c34c