CVE Catalog

CVE-2026-45974

MediumCVSS 5.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.13%

3th percentile - higher than 3% of all known CVEs

Summary

A vulnerability in the Linux kernel related to invalid leaf access in the btrfs_quota_enable() function when the reference key is not found has been resolved. The issue occurred when btrfs_search_slot_for_read() returned 1, indicating that no key greater than or equal to the requested key was found.

Risk Assessment

Invalid access to a path in the data structure may lead to unexpected system behavior, potentially compromising data integrity and system stability. Organizations should be aware of potential performance and security issues.

Recommendation

It is recommended to update the Linux kernel to the latest version to mitigate this vulnerability. Regular monitoring and updating of systems is crucial for maintaining security.

Original NVD description (English source)

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix invalid leaf access in btrfs_quota_enable() if ref key not found If btrfs_search_slot_for_read() returns 1, it means we did not find any key greater than or equals to the key we asked for, meaning we have reached the end of the tree and therefore the path is not valid. If this happens we need to break out of the loop and stop, instead of continuing and accessing an invalid path.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS