Race condition in Linux kernel - CVE-2026-53017
Published: June 25, 2026
Linux kernel
Detailed vulnerability description
The vulnerability allows a local user to cause data loss.
The vulnerability exists due to a race condition in f2fs_need_inode_block_update() and nat_entry flag handling when performing fsync on a newly created file concurrently with a checkpoint operation. A local user can trigger concurrent file and checkpoint activity to cause data loss.
The issue occurs before any checkpoint has been written for the newly created file.