CVE-2026-53049

Source
https://cve.org/CVERecord?id=CVE-2026-53049
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-53049.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2026-53049
Downstream
Published
2026-06-24T16:29:55.190Z
Modified
2026-07-08T08:09:45.285830846Z
Severity
  • 9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
gfs2: add some missing log locking
Details

In the Linux kernel, the following vulnerability has been resolved:

gfs2: add some missing log locking

Function gfs2logd() calls the log flushing functions gfs2ail1start(), gfs2ail1wait(), and gfs2ail1empty() without holding sdp->sdlogflushlock, but these functions require exclusion against concurrent transactions.

To fix that, add a non-locking __gfs2logflush() function. Then, in gfs2logd(), take sdp->sdlogflushlock before calling the above mentioned log flushing functions and __gfs2logflush().

Database specific
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/53xxx/CVE-2026-53049.json"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
5e4c7632aae1cce137792647f4fb6f599d1da893
Fixed
3b28eb75afe520972bacc833850c2b30aa0824cd
Fixed
ca95342cb1b39062a03c115830286f0a426053d5
Fixed
bf5fcd9c37c2546beaf7b401d31aefd89017dc3d
Fixed
f2f225cf505ac016132ded21690f3ba0a080a4e8
Fixed
49d9be0722da3a4a893ba905720cba1921834ec3
Fixed
98e8bf249c790d56de1abc4a5f8bd68035a00921
Fixed
fe2c8d051150b90b3ccb85f89e3b1d636cb88ec8

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-53049.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
5.7.0
Fixed
5.15.209
Type
ECOSYSTEM
Events
Introduced
5.16.0
Fixed
6.1.175
Type
ECOSYSTEM
Events
Introduced
6.2.0
Fixed
6.6.141
Type
ECOSYSTEM
Events
Introduced
6.7.0
Fixed
6.12.91
Type
ECOSYSTEM
Events
Introduced
6.13.0
Fixed
6.18.33
Type
ECOSYSTEM
Events
Introduced
6.19.0
Fixed
7.0.10

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-53049.json"