In the Linux kernel, the following vulnerability has been resolved:
f2fs: fix data loss caused by incorrect use of nat_entry flag
Data loss can occur when fsync is performed on a newly created file (before any checkpoint has been written) concurrently with a checkpoint operation. The scenario is as follows:
create & write & fsync 'file A' write checkpoint - f2fsdosyncfile // inline inode - f2fswriteinode // inode folio is dirty - f2fswritecheckpoint - f2fsflushmergedwrites - f2fssyncnodepages - f2fsflushnatentries - f2fsfsyncnodepages // no dirty node - f2fsneedinodeblock_update // return false SPO and lost 'file A'
f2fsflushnatentries() sets the ISCHECKPOINTED and HASLASTFSYNC flags for the natentry, but this does not mean that the checkpoint has actually completed successfully. However, f2fsneedinodeblock_update() checks these flags and incorrectly assumes that the checkpoint has finished.
The root cause is that the semantics of ISCHECKPOINTED and HASLAST_FSYNC are only guaranteed after the checkpoint write fully completes.
This patch modifies f2fsneedinodeblockupdate() to acquire the sbi->nodewrite lock before reading the natentry flags, ensuring that once ISCHECKPOINTED and HASLAST_FSYNC are observed to be set, the checkpoint operation has already completed.
{
"osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/53xxx/CVE-2026-53017.json",
"cna_assigner": "Linux"
}