In the Linux kernel, the following vulnerability has been resolved:
f2fs: protect extensionlist reading with sblock in f2fssbishow()
In f2fssbishow(), the extensionlist, extensioncount and hotextcount are read without holding sbi->sblock. If a concurrent sysfs store modifies the extension list via f2fsupdateextensionlist(), the show path may read inconsistent count and array contents, potentially leading to out-of-bounds access or displaying stale data.
Fix this by holding sb_lock around the entire extension list read and format operation.
{
"osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/53xxx/CVE-2026-53303.json",
"cna_assigner": "Linux"
}