Description
In the Linux kernel, the following vulnerability has been resolved:

erofs: unify lcn as u64 for 32-bit platforms

As sashiko reported [1], `lcn` was typed as `unsigned long` (or
`unsigned int` sometimes), which is only 32 bits wide on 32-bit
platforms, which causes `(lcn << lclusterbits)` to be truncated
at 4 GiB.

In order to consolidate the logic, just use `u64` consistently
around the codebase.

[1] https://sashiko.dev/r/20260420034612.1899973-1-hsiangkao%40linux.alibaba.com
Published: 2026-06-24
Score: 5.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The issue involves the erofs file‑system component of the Linux kernel where the logical cluster number (lcn) was typed as a 32‑bit unsigned value on 32‑bit platforms. When the kernel calculated a block address by shifting the value left by the number of bits per cluster, the 32‑bit truncation caused the address to wrap at 4 GiB. This resulted in incorrect block locations and the possibility of data corruption or unpredictable disk access. The patch changes the type to a 64‑bit unsigned value so the address calculation is correct for all supported platforms.

Affected Systems

All Linux kernel installations on 32‑bit architectures are potentially affected. No specific kernel release is listed, suggesting the issue existed across multiple 32‑bit kernels before the patch was merged.

Risk and Exploitability

With a CVSS.5 and an EPSS score of < 1%, the vulnerability is assessed as moderate severity. The impact on data integrity and potential kernel crashes indicates a moderate risk for affected systems. The patch is already applied in newer kernel releases, so the primary vector is a local attack that could execute leveraged file system operations. The vulnerability is not listed in CISA KEV, indicating it is not a known widely exploited exploit at this time.

Generated by OpenCVE AI on June 26, 2026 at 01:58 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest Linux kernel update that includes the lcn type change
  • Reboot the system to ensure the new kernel is active
  • If immediate kernel upgrade is not possible, migrate erofs volumes to a different filesystem or mount them read‑only until the patch is applied

Generated by OpenCVE AI on June 26, 2026 at 01:58 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Fri, 26 Jun 2026 00:15:00 +0000

Type Values Removed Values Added
References
Metrics threat_severity

None

cvssV3_1

{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}

threat_severity

Low


Wed, 24 Jun 2026 22:30:00 +0000

Type Values Removed Values Added
Weaknesses CWE-190
CWE-680

Wed, 24 Jun 2026 17:15:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: erofs: unify lcn as u64 for 32-bit platforms As sashiko reported [1], `lcn` was typed as `unsigned long` (or `unsigned int` sometimes), which is only 32 bits wide on 32-bit platforms, which causes `(lcn << lclusterbits)` to be truncated at 4 GiB. In order to consolidate the logic, just use `u64` consistently around the codebase. [1] https://sashiko.dev/r/20260420034612.1899973-1-hsiangkao%40linux.alibaba.com
Title erofs: unify lcn as u64 for 32-bit platforms
First Time appeared Linux
Linux linux Kernel
CPEs cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products Linux
Linux linux Kernel
References

Subscriptions

Linux Linux Kernel
cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2026-06-24T16:29:25.396Z

Reserved: 2026-06-09T07:44:35.378Z

Link: CVE-2026-53015

cve-icon Vulnrichment

No data.

cve-icon NVD

No data.

cve-icon Redhat

Severity : Low

Publid Date: 2026-06-24T00:00:00Z

Links: CVE-2026-53015 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-06-26T02:00:17Z

Weaknesses
  • CWE-190

    Integer Overflow or Wraparound

  • CWE-680

    Integer Overflow to Buffer Overflow