erofs: set fileio bio failed in short read case

MITRE NVD CVE.ORG JSON API Print: PDF PDF

Summary

CVECVE-2026-31514
StatePUBLISHED
AssignerLinux
Source PriorityCVE Program / NVD first with legacy fallback
Published2026-04-22 14:16:50 UTC
Updated2026-04-23 16:17:41 UTC
DescriptionIn the Linux kernel, the following vulnerability has been resolved: erofs: set fileio bio failed in short read case For file-backed mount, IO requests are handled by vfs_iocb_iter_read(). However, it can be interrupted by SIGKILL, returning the number of bytes actually copied. Unused folios in bio are unexpectedly marked as uptodate. vfs_read filemap_read filemap_get_pages filemap_readahead erofs_fileio_readahead erofs_fileio_rq_submit vfs_iocb_iter_read filemap_read filemap_get_pages <= detect signal erofs_fileio_ki_complete <= set all folios uptodate This patch addresses this by setting short read bio with an error directly.

Risk And Classification

EPSS: 0.000180000 probability, percentile 0.045840000 (date 2026-04-24)

Vendor Declared Affected Products

SourceVendorProductVersionPlatforms
CNA Linux Linux affected 8d582d65d20bb4796db01b19e86909ad68cb337b d1ba7d6b3cd1757b108d7b6856c92ae661d6c323 git Not specified
CNA Linux Linux affected e49abde0ffc382a967b24f326d1614ac3bb06a94 5cf3972c8221abdb1b464a14ccf8103d840b9085 git Not specified
CNA Linux Linux affected fe4039034dcdf584afbf763787909e28e92a4927 5a5f23ef5431639db1ac3a0b274aef3a84cc413c git Not specified
CNA Linux Linux affected bc804a8d7e865ef47fb7edcaf5e77d18bf444ebc eade54040384f54b7fb330e4b0975c5734850b3c git Not specified
CNA Linux Linux affected 6.12.75 6.12.80 semver Not specified
CNA Linux Linux affected 6.18.14 6.18.21 semver Not specified
CNA Linux Linux affected 6.19.4 6.19.11 semver Not specified

References

ReferenceSourceLinkTags
git.kernel.org/stable/c/eade54040384f54b7fb330e4b0975c5734850b3c 416baaa9-dc9f-4396-8d5f-8c081fb06d67 git.kernel.org
git.kernel.org/stable/c/5a5f23ef5431639db1ac3a0b274aef3a84cc413c 416baaa9-dc9f-4396-8d5f-8c081fb06d67 git.kernel.org
git.kernel.org/stable/c/5cf3972c8221abdb1b464a14ccf8103d840b9085 416baaa9-dc9f-4396-8d5f-8c081fb06d67 git.kernel.org
git.kernel.org/stable/c/d1ba7d6b3cd1757b108d7b6856c92ae661d6c323 416baaa9-dc9f-4396-8d5f-8c081fb06d67 git.kernel.org
CVE Program record CVE.ORG www.cve.org canonical
NVD vulnerability detail NVD nvd.nist.gov canonical, analysis
© CVE.report 2026 |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

Free CVE JSON API cve.report/api

CVE.report and Source URL Uptime Status status.cve.report