CVE Catalog

CVE-2026-46095

MediumCVSS 5.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.12%

2th percentile - higher than 2% of all known CVEs

Summary

In the Linux kernel, a vulnerability in the md/md-llbitmap module was found due to incorrect operation order: the barrier raise occurred after the state machine call, potentially causing race conditions. The fix moves the barrier raise before the state machine transition in llbitmap_start_write() and llbitmap_start_discard().

Risk Assessment

Lack of proper synchronization may allow concurrent resource access, leading to data corruption or unpredictable system behavior.

Recommendation

It is recommended to immediately update the Linux kernel to a version containing the fix (commit addressing CVE-2026-46095).

Original NVD description (English source)

In the Linux kernel, the following vulnerability has been resolved: md/md-llbitmap: raise barrier before state machine transition Move the barrier raise operation before calling llbitmap_state_machine() in both llbitmap_start_write() and llbitmap_start_discard(). This ensures the barrier is in place before any state transitions occur, preventing potential race conditions where the state machine could complete before the barrier is properly raised.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS