U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Vulnerability Database

National Vulnerability Database

NVD

National Vulnerability Database
  1. Vulnerabilities

CVE-2026-31454 Detail

Description

In the Linux kernel, the following vulnerability has been resolved: xfs: save ailp before dropping the AIL lock in push callbacks In xfs_inode_item_push() and xfs_qm_dquot_logitem_push(), the AIL lock is dropped to perform buffer IO. Once the cluster buffer no longer protects the log item from reclaim, the log item may be freed by background reclaim or the dquot shrinker. The subsequent spin_lock() call dereferences lip->li_ailp, which is a use-after-free. Fix this by saving the ailp pointer in a local variable while the AIL lock is held and the log item is guaranteed to be valid.


Metrics

NVD enrichment efforts reference publicly available information to associate vector strings. CVSS information contributed by other sources is also displayed.
CVSS 4.0 Severity and Vector Strings:

NIST CVSS score
NIST: NVD
N/A
NVD assessment not yet provided.

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to [email protected].

URL Source(s) Tag(s)
https://git.kernel.org/stable/c/19437e4f7bb909afde832b39372aa2f3ce3cfd88 kernel.org Patch 
https://git.kernel.org/stable/c/394d70b86fae9fe865e7e6d9540b7696f73aa9b6 kernel.org Patch 
https://git.kernel.org/stable/c/4c7d50147316cf049462f327c4a3e9dc2b7f1dd0 kernel.org Patch 
https://git.kernel.org/stable/c/50f5f056807b7bed74f4f307f2ca0ed92f3e556d kernel.org Patch 
https://git.kernel.org/stable/c/6dbe17f19c290a72ce57d5abc70e1fad0c3e14e5 kernel.org Patch 
https://git.kernel.org/stable/c/75669e987137f49c99ca44406bf0200d1892dd16 kernel.org Patch 
https://git.kernel.org/stable/c/d8fc60bbaf5aea1604bf9f4ed565da6a1ac7a87d kernel.org Patch 
https://git.kernel.org/stable/c/edd1637d4e3911ab6c760f553f2040fe72f61a13 kernel.org Patch 

Weakness Enumeration

CWE-ID CWE Name Source
CWE-416 Use After Free cwe source acceptance level NIST  

Known Affected Software Configurations Switch to CPE 2.2

CPEs loading, please wait.

Denotes Vulnerable Software
Are we missing a CPE here? Please let us know.

Change History

3 change records found show changes

Quick Info

CVE Dictionary Entry:
CVE-2026-31454
NVD Published Date:
04/22/2026
NVD Last Modified:
05/06/2026
Source:
kernel.org