Description
In the Linux kernel, the following vulnerability has been resolved:

dm cache: fix write hang in passthrough mode

The invalidate_remove() function has incomplete logic for handling write
hit bios after cache invalidation. It sets up the remapping for the
overwrite_bio but then drops it immediately without submission, causing
write operations to hang.

Fix by adding a new invalidate_committed() continuation that submits
the remapped writes to the cache origin after metadata commit completes,
while using the overwrite_endio hook to ensure proper completion
sequencing. This maintains existing coherency. Also improve error
handling in invalidate_complete() to preserve the original error status
instead of using bio_io_error() unconditionally.
Published: 2026-06-24
Score: n/a
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The dm‑cache module in the Linux kernel contains a defect in the invalidate_remove() routine that handles write‑hit bios after cache invalidation. The bug causes the module to set up a remapping for an overwrite_bio but then discard it before submitting the write, leaving the operation hanging. This defect does not compromise data confidentiality or integrity but blocks I/O to devices that use dm‑cache in passthrough mode, effectively causing a denial of service through stalled write requests.

Affected Systems

Linux kernel distributions that incorporate the dm‑cache driver without the recent patch commits (identified by the commit references in the advisory). The advisory does not enumerate specific kernel versions, so any unpatched kernel release that includes the dm‑cache driver and admits the historic bug is potentially affected.

Risk and Exploitability

A CVSS score and EPSS value are not published for this vulnerability, and it is not listed in CISA’s KEV catalog. The flaw appears to require a local context where the affected kernel processes write requests through dm‑cache; an attacker with sufficient privileges to induce or observe stalled writes could trigger the denial of service. No public exploit has been reported, but the lack of a known mitigation path for this bug increases the potential impact for unpatched systems.

Generated by OpenCVE AI on June 24, 2026 at 21:52 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade the Linux kernel to a version that contains the dm‑cache write‑hang fix (apply the listed commit changes).
  • If a kernel upgrade cannot be performed immediately, disable the dm‑cache module or switch to a different caching strategy that does not rely on passthrough mode for critical workloads.
  • Continuously monitor system logs and I/O performance metrics for indications of hung write operations, and schedule planned maintenance to apply the patch as soon as practicable.

Generated by OpenCVE AI on June 24, 2026 at 21:52 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Wed, 24 Jun 2026 22:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-388
CWE-703

Wed, 24 Jun 2026 17:15:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: dm cache: fix write hang in passthrough mode The invalidate_remove() function has incomplete logic for handling write hit bios after cache invalidation. It sets up the remapping for the overwrite_bio but then drops it immediately without submission, causing write operations to hang. Fix by adding a new invalidate_committed() continuation that submits the remapped writes to the cache origin after metadata commit completes, while using the overwrite_endio hook to ensure proper completion sequencing. This maintains existing coherency. Also improve error handling in invalidate_complete() to preserve the original error status instead of using bio_io_error() unconditionally.
Title dm cache: fix write hang in passthrough mode
First Time appeared Linux
Linux linux Kernel
CPEs cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products Linux
Linux linux Kernel
References

Subscriptions

Linux Linux Kernel
cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2026-06-24T16:30:06.857Z

Reserved: 2026-06-09T07:44:35.382Z

Link: CVE-2026-53063

cve-icon Vulnrichment

No data.

cve-icon NVD

No data.

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-24T22:00:04Z

Weaknesses
  • CWE-388
  • CWE-703

    Improper Check or Handling of Exceptional Conditions