NVD

CVE-2026-53320 Detail

Received

This CVE record has recently been published to the CVE List and has been included within the NVD dataset.

Description

In the Linux kernel, the following vulnerability has been resolved: nilfs2: reject zero bd_oblocknr in nilfs_ioctl_mark_blocks_dirty() nilfs_ioctl_mark_blocks_dirty() uses bd_oblocknr to detect dead blocks by comparing it with the current block number bd_blocknr. If they differ, the block is considered dead and skipped. However, bd_oblocknr should never be 0 since block 0 typically stores the primary superblock and is never a valid GC target block. A corrupted ioctl request with bd_oblocknr set to 0 causes the comparison to incorrectly match when the lookup returns -ENOENT and sets bd_blocknr to 0, bypassing the dead block check and calling nilfs_bmap_mark() on a non-existent block. This causes nilfs_btree_do_lookup() to return -ENOENT, triggering the WARN_ON(ret == -ENOENT). Fix this by rejecting ioctl requests with bd_oblocknr set to 0 at the beginning of each iteration. [ryusuke: slightly modified the commit message and comments for accuracy]

Metrics

NVD enrichment efforts reference publicly available information to associate vector strings. CVSS information contributed by other sources is also displayed.

CVSS 4.0 Severity and Vector Strings:

NIST: NVD

N/A

NVD assessment not yet provided.

CVSS 3.x Severity and Vector Strings:

NIST: NVD

Base Score: N/A

NVD assessment not yet provided.

CVSS 2.0 Severity and Vector Strings:

National Institute of Standards and Technology

NIST: NVD

Base Score: N/A

NVD assessment not yet provided.

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to [email protected].

URL	Source(s)	Tag(s)
https://git.kernel.org/stable/c/4525658002be3ad310b16bf8db48c8adb6a55d32	kernel.org
https://git.kernel.org/stable/c/65e07964b4b2daf9a54e686cf0fa72d74a9648a8	kernel.org
https://git.kernel.org/stable/c/94094e70fe292c9566502772d4d4d6d6a99204b1	kernel.org
https://git.kernel.org/stable/c/9472d37799a0b9ff9b99639f35961ac2f0b3c9be	kernel.org
https://git.kernel.org/stable/c/b88f905d4449b70da6bda547be546e365e44352e	kernel.org
https://git.kernel.org/stable/c/be3e5d10643d3be1cbac9d9939f220a99253f980	kernel.org
https://git.kernel.org/stable/c/e0a0c4903cbba351f0f5b5d104960d3a5b23202f	kernel.org
https://git.kernel.org/stable/c/e5ff0ba4b6983cdbcc826efc201e7179ece5d46f	kernel.org

Weakness Enumeration

CWE-ID	CWE Name	Source

Change History

1 change records found show changes

New CVE Received from kernel.org 6/26/2026 4:17:25 PM

Action	Type	New Value
Added	Description	In the Linux kernel, the following vulnerability has been resolved: nilfs2: reject zero bd_oblocknr in nilfs_ioctl_mark_blocks_dirty() nilfs_ioctl_mark_blocks_dirty() uses bd_oblocknr to detect dead blocks by comparing it with the current block number bd_blocknr. If they differ, the block is considered dead and skipped. However, bd_oblocknr should never be 0 since block 0 typically stores the primary superblock and is never a valid GC target block. A corrupted ioctl request with bd_oblocknr set to 0 causes the comparison to incorrectly match when the lookup returns -ENOENT and sets bd_blocknr to 0, bypassing the dead block check and calling nilfs_bmap_mark() on a non-existent block. This causes nilfs_btree_do_lookup() to return -ENOENT, triggering the WARN_ON(ret == -ENOENT). Fix this by rejecting ioctl requests with bd_oblocknr set to 0 at the beginning of each iteration. [ryusuke: slightly modified the commit message and comments for accuracy]
Added	Reference	https://git.kernel.org/stable/c/4525658002be3ad310b16bf8db48c8adb6a55d32
Added	Reference	https://git.kernel.org/stable/c/65e07964b4b2daf9a54e686cf0fa72d74a9648a8
Added	Reference	https://git.kernel.org/stable/c/94094e70fe292c9566502772d4d4d6d6a99204b1
Added	Reference	https://git.kernel.org/stable/c/9472d37799a0b9ff9b99639f35961ac2f0b3c9be
Added	Reference	https://git.kernel.org/stable/c/b88f905d4449b70da6bda547be546e365e44352e
Added	Reference	https://git.kernel.org/stable/c/be3e5d10643d3be1cbac9d9939f220a99253f980
Added	Reference	https://git.kernel.org/stable/c/e0a0c4903cbba351f0f5b5d104960d3a5b23202f
Added	Reference	https://git.kernel.org/stable/c/e5ff0ba4b6983cdbcc826efc201e7179ece5d46f
Added	Affected	Record truncated, showing 2048 of 2451 characters. View Entire Change Record [{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["fs/nilfs2/ioctl.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"7942b919f7321f95a777d396ff7894a7a83dc9b0","lessThan":"e0a0c4903cbba351f0f5b5d104960d3a5b23202f","versionType":"git","status":"affected"},{"version":"7942b919f7321f95a777d396ff7894a7a83dc9b0","lessThan":"9472d37799a0b9ff9b99639f35961ac2f0b3c9be","versionType":"git","status":"affected"},{"version":"7942b919f7321f95a777d396ff7894a7a83dc9b0","lessThan":"65e07964b4b2daf9a54e686cf0fa72d74a9648a8","versionType":"git","status":"affected"},{"version":"7942b919f7321f95a777d396ff7894a7a83dc9b0","lessThan":"b88f905d4449b70da6bda547be546e365e44352e","versionType":"git","status":"affected"},{"version":"7942b919f7321f95a777d396ff7894a7a83dc9b0","lessThan":"4525658002be3ad310b16bf8db48c8adb6a55d32","versionType":"git","status":"affected"},{"version":"7942b919f7321f95a777d396ff7894a7a83dc9b0","lessThan":"e5ff0ba4b6983cdbcc826efc201e7179ece5d46f","versionType":"git","status":"affected"},{"version":"7942b919f7321f95a777d396ff7894a7a83dc9b0","lessThan":"94094e70fe292c9566502772d4d4d6d6a99204b1","versionType":"git","status":"affected"},{"version":"7942b919f7321f95a777d396ff7894a7a83dc9b0","lessThan":"be3e5d10643d3be1cbac9d9939f220a99253f980","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["fs/nilfs2/ioctl.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"2.6.30","status":"affected"},{"version":"0","lessThan":"2.6.30","versionType":"semver","status":"unaffected"},{"version":"5.10.258","lessThanOrEqual":"5.10.","versionType":"semver","status":"unaffected"},{"version":"5.15.209","lessThanOrEqual":"5.15.","versionType":"semver","status":"unaffected"},{"version":"6.1.175","lessThanOrEqual":"6.1.","versionType":"semver","status":"unaffected"},{"version":"6.6.141","lessThanOrEqual":"6.6.","versionType":"semver","sta

Quick Info

CVE Dictionary Entry:
CVE-2026-53320
NVD Published Date:
06/26/2026
NVD Last Modified:
06/26/2026
Source:
kernel.org

You are viewing this page in an unauthorized frame window.

Information Technology Laboratory

National Vulnerability Database

National Vulnerability Database

CVE-2026-53320 Detail

Description

Metrics

References to Advisories, Solutions, and Tools

Weakness Enumeration

Change History

New CVE Received from kernel.org 6/26/2026 4:17:25 PM

Quick Info