2481970 – (CVE-2026-45974) CVE-2026-45974 kernel: btrfs: fix invalid leaf access in btrfs_quota_enable() if ref key not found

Bug 2481970 (CVE-2026-45974) - CVE-2026-45974 kernel: btrfs: fix invalid leaf access in btrfs_quota_enable() if ref key not found

Summary: CVE-2026-45974 kernel: btrfs: fix invalid leaf access in btrfs_quota_enable()...

Keywords:
Status:	NEW
Alias:	CVE-2026-45974
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2026-05-27 15:04 UTC by OSIDB Bzimport
Modified:	2026-05-27 22:38 UTC (History)
CC List:	2 users (show)
Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments	(Terms of Use)

Description OSIDB Bzimport 2026-05-27 15:04:54 UTC

In the Linux kernel, the following vulnerability has been resolved:

btrfs: fix invalid leaf access in btrfs_quota_enable() if ref key not found

If btrfs_search_slot_for_read() returns 1, it means we did not find any
key greater than or equals to the key we asked for, meaning we have
reached the end of the tree and therefore the path is not valid. If
this happens we need to break out of the loop and stop, instead of
continuing and accessing an invalid path.

Comment 1 Keith Grant 2026-05-27 22:37:16 UTC

Upstream advisory:
https://lore.kernel.org/linux-cve-announce/2026052737-CVE-2026-45974-c88c@gregkh/T

Note You need to log in before you can comment on or make changes to this bug.