CVE-2026-43117 - Vulnerability Details

- btrfs: tracepoints: get correct superblock from dentry in event btrfs_sync_file()

Description

In the Linux kernel, the following vulnerability has been resolved:

btrfs: tracepoints: get correct superblock from dentry in event btrfs_sync_file()

If overlay is used on top of btrfs, dentry->d_sb translates to overlay's
super block and fsid assignment will lead to a crash.

Use file_inode(file)->i_sb to always get btrfs_sb.

Published: 2026-05-06

Score: n/a

EPSS: n/a

KEV: No

Impact:

Action:

Analysis

No analysis available yet.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Linux

unaffected

Version	Status	Constraints
`1da177e4c3f41524e886b7f1b8a0c1fc7321cac2`	affected	< c09a7446aab5773f38d6abb25fce99b8e1dfbc97
`1da177e4c3f41524e886b7f1b8a0c1fc7321cac2`	affected	< 32372781d664a9b03c40343e96c29d0a6139f97d
`1da177e4c3f41524e886b7f1b8a0c1fc7321cac2`	affected	< 2e4adfaec97ee053ad1bdfb5036845e66f7e0d8a
`1da177e4c3f41524e886b7f1b8a0c1fc7321cac2`	affected	< d110d7cdb045715c0b45b0dfd974525bb38f653d
`1da177e4c3f41524e886b7f1b8a0c1fc7321cac2`	affected	< a85b46db143fda5869e7d8df8f258ccef5fa1719

Linux

affected

Version	Status	Constraints
`6.6.136`	unaffected	≤ 6.6.*
`6.12.83`	unaffected	≤ 6.12.*
`6.18.24`	unaffected	≤ 6.18.*
`6.19.14`	unaffected	≤ 6.19.*
`7.0`	unaffected	≤ *

No data.

No data available yet.

Remediation

No remediation available yet.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

References

Link	Providers
https://git.kernel.org/stable/c/2e4adfaec97ee053ad1bdfb5036845e66f7e0d8a
https://git.kernel.org/stable/c/32372781d664a9b03c40343e96c29d0a6139f97d
https://git.kernel.org/stable/c/a85b46db143fda5869e7d8df8f258ccef5fa1719
https://git.kernel.org/stable/c/c09a7446aab5773f38d6abb25fce99b8e1dfbc97
https://git.kernel.org/stable/c/d110d7cdb045715c0b45b0dfd974525bb38f653d

History

Wed, 06 May 2026 09:30:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: btrfs: tracepoints: get correct superblock from dentry in event btrfs_sync_file() If overlay is used on top of btrfs, dentry->d_sb translates to overlay's super block and fsid assignment will lead to a crash. Use file_inode(file)->i_sb to always get btrfs_sb.
Title		btrfs: tracepoints: get correct superblock from dentry in event btrfs_sync_file()
First Time appeared		Linux Linux linux Kernel
CPEs		cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products		Linux Linux linux Kernel
References		https://git.kernel.org/stable/c/2e4adfaec97ee053ad1bdfb5036845e66f7e0d8a https://git.kernel.org/stable/c/32372781d664a9b03c40343e96c29d0a6139f97d https://git.kernel.org/stable/c/a85b46db143fda5869e7d8df8f258ccef5fa1719 https://git.kernel.org/stable/c/c09a7446aab5773f38d6abb25fce99b8e1dfbc97 https://git.kernel.org/stable/c/d110d7cdb045715c0b45b0dfd974525bb38f653d

Subscriptions

Linux Linux Kernel

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2026-05-06T07:40:41.862Z

Updated: 2026-05-06T07:40:41.862Z

Reserved: 2026-05-01T14:12:55.987Z

Link: CVE-2026-43117

Vulnrichment

No data.

NVD

Status : Received

Published: 2026-05-06T10:16:25.513

Modified: 2026-05-06T10:16:25.513

Link: CVE-2026-43117

Redhat

No data.

OpenCVE Enrichment

No data.

Weaknesses

No weakness.

Tracking

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object