CVE-2026-53320
In the Linux kernel, the following vulnerability has been resolved:

nilfs2: reject zero bd_oblocknr in nilfs_ioctl_mark_blocks_dirty()

nilfs_ioctl_mark_blocks_dirty() uses bd_oblocknr to detect dead blocks by comparing it with the current block number bd_blocknr. If they differ, the block is considered dead and skipped. However, bd_oblocknr should never be 0 since block 0 typically stores the primary superblock and is never a valid GC target block. A corrupted ioctl request with bd_oblocknr set to 0 causes the comparison to incorrectly match when the lookup returns -ENOENT and sets bd_blocknr to 0, bypassing the dead block check and calling nilfs_bmap_mark() on a non-existent block. This causes nilfs_btree_do_lookup() to return -ENOENT, triggering the WARN_ON(ret == -ENOENT).

Fix this by rejecting ioctl requests with bd_oblocknr set to 0 at the beginning of each iteration.

[ryusuke: slightly modified the commit message and comments for accuracy]
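A simplified userspace model of the dead-block check described above, added here as an illustration and not taken from the kernel source. The helpers `lookup`, `mark` and `mark_dirty_one`, the `offset` field, the block map and the `-EINVAL` return code are assumptions; only `bd_oblocknr`, `bd_blocknr` and the `-ENOENT` behaviour come from the advisory.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>

struct bdesc {                        /* simplified; bd_* names are from the advisory */
    uint64_t offset;                  /* hypothetical lookup key */
    uint64_t bd_oblocknr, bd_blocknr; /* block number in the request vs. from lookup */
};
/* Constructed mapping: offsets 0..2 are mapped, anything else is -ENOENT. */
static const uint64_t block_map[] = { 100, 101, 102 };

static int lookup(uint64_t offset, uint64_t *blocknr)
{
    if (offset >= sizeof(block_map) / sizeof(block_map[0]))
        return -ENOENT;
    *blocknr = block_map[offset];
    return 0;
}
/* Stand-in for the marking step: an unmapped block yields -ENOENT. */
static int mark(uint64_t offset) { uint64_t b; return lookup(offset, &b); }

/* One loop iteration; *warned mirrors the WARN_ON(ret == -ENOENT) condition. */
static int mark_dirty_one(struct bdesc *d, int reject_zero, int *warned)
{
    int ret;
    *warned = 0;
    if (reject_zero && d->bd_oblocknr == 0)
        return -EINVAL;         /* the fix; this error code is an assumption */
    ret = lookup(d->offset, &d->bd_blocknr);
    if (ret < 0) {
        if (ret != -ENOENT)
            return ret;
        d->bd_blocknr = 0;      /* "not found" is recorded as block 0 */
    }
    if (d->bd_blocknr != d->bd_oblocknr)
        return 0;               /* dead block: skipped */
    ret = mark(d->offset);
    *warned = (ret == -ENOENT);
    return ret;
}

int main(void)
{
    struct bdesc crafted = { 7, 0, 0 };   /* constructed: unmapped offset, bd_oblocknr 0 */
    int w0, w1, r0 = mark_dirty_one(&crafted, 0, &w0);
    int r1 = mark_dirty_one(&crafted, 1, &w1);
    printf("unpatched: ret=%d warned=%d; patched: ret=%d warned=%d\n", r0, w0, r1, w1);
    return 0;
}
```

A non-zero stale bd_oblocknr on an unmapped offset is still skipped as dead in both modes; only the zero value collides with the "not found" sentinel.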
Affected versions
Linux kernel versions 2.6.30 and later are affected. Fixed in 5.10.258, 5.15.209, 6.1.175, 6.6.141, 6.12.91, 6.18.33, 7.0.10, 7.1 and their respective stable series.
References
8 total

Frequently asked questions
- What is CVE-2026-53320?
  CVE-2026-53320 is a Linux kernel vulnerability with no severity score assigned. It affects Linux kernel versions from 2.6.30 onward and has been patched in 5.10.258, 5.15.209, 6.1.175 and others. CVE-2026-53320 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.
- Is there a patch available for CVE-2026-53320?
  Yes. CVE-2026-53320 has been patched. Fixed versions include 5.10.258, 5.15.209, 6.1.175 and others. If you are running Linux kernel 2.6.30 or later and have not yet reached the fixed version for your branch, apply the relevant patch for your kernel branch.
- Is CVE-2026-53320 actively exploited?
  No. CVE-2026-53320 has not been confirmed as actively exploited. It is not listed in the CISA Known Exploited Vulnerabilities (KEV) catalog.