Bug 2482048 (CVE-2026-45899)

Summary: CVE-2026-45899 kernel: ext4: drop extent cache when splitting extent fails
Product: [Other] Security Response Reporter: OSIDB Bzimport <bzimport>
Component: vulnerabilityAssignee: Product Security <prodsec-ir-bot>
Status: NEW --- QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: unspecifiedCC: rhel-process-autobot, watson-tool-maintainers
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: ---
Doc Text:
A flaw was found in the Linux kernel, specifically within the ext4 filesystem's extent cache management. When an operation to split an extent fails, the system may not properly clear all related entries, leading to stale extent entries remaining in the extent status tree. This can result in data integrity issues or potential system instability.
 Story Points: ---
Clone Of: Environment:
Last Closed: Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description OSIDB Bzimport 2026-05-27 15:08:46 UTC 
In the Linux kernel, the following vulnerability has been resolved:

ext4: drop extent cache when splitting extent fails

When the split extent fails, we might leave some extents still being
processed and return an error directly, which will result in stale
extent entries remaining in the extent status tree. So drop all of the
remaining potentially stale extents if the splitting fails.
Comment 1 Keith Grant 2026-05-28 02:25:56 UTC 
Upstream advisory:
https://lore.kernel.org/linux-cve-announce/2026052719-CVE-2026-45899-a56d@gregkh/T