← All CVEs

CVE-2026-53303

N/A

Published 2026-06-26 · Last modified 2026-06-26

In the Linux kernel, the following vulnerability has been resolved: f2fs: protect extension_list reading with sb_lock in f2fs_sbi_show() In f2fs_sbi_show(), the extension_list, extension_count and hot_ext_count are read without holding sbi->sb_lock. If a concurrent sysfs store modifies the extension list via f2fs_update_extension_list(), the show path may read inconsistent count and array contents, potentially leading to out-of-bounds access or displaying stale data. Fix this by holding sb_lock around the entire extension list read and format operation.

NO EXPLOITATION SIGNALS

No known exploitation, public exploit, or elevated probability at this time. Track for changes.

Exploitation likelihood

0.2%chance of exploitation in 30 days · 7th percentile

○ In CISA KEV ○ Public exploit / PoC

Impact if exploited

CVSS · not scored

  • No impact metrics

Affected

Vendors Linux

Products Linux

Weakness (CWE)

Not classified.

CVSS vector

Not yet scored.

Sources: NVD · CVE.org · EPSS