hfsplus: return error when node already exists in hfs_bnode_create

Summary

CVE: CVE-2026-45960
State: PUBLISHED
Assigner: Linux
Source Priority: CVE Program / NVD first with legacy fallback
Published: 2026-05-27 14:17:12 UTC
Updated: 2026-05-27 14:48:03 UTC
Description: In the Linux kernel, the following vulnerability has been resolved:

hfsplus: return error when node already exists in hfs_bnode_create

When hfs_bnode_create() finds that a node is already hashed (which should not happen in normal operation), it currently returns the existing node without incrementing its reference count. This causes a reference count inconsistency that leads to a kernel panic when the node is later freed in hfs_bnode_put():

    kernel BUG at fs/hfsplus/bnode.c:676!
    BUG_ON(!atomic_read(&node->refcnt))

This scenario can occur when hfs_bmap_alloc() attempts to allocate a node that is already in use (e.g., when node 0's bitmap bit is incorrectly unset), or due to filesystem corruption. Returning an existing node from a create path is not normal operation.

Fix this by returning ERR_PTR(-EEXIST) instead of the node when it's already hashed. This properly signals the error condition to callers, which already check for IS_ERR() return values.

Risk And Classification

EPSS: 0.000240000 probability, percentile 0.073840000 (date 2026-05-30)

Vendor Declared Affected Products

Source Vendor Product Version Platforms
CNA Linux Linux affected 634725a92938b0f282b17cec0b007dca77adebd2 1ca428769cb4737a25bd32fb4d1573cc09eeaeef git Not specified
CNA Linux Linux affected 634725a92938b0f282b17cec0b007dca77adebd2 507a1de58c21c95ad7c44afccaf1222d1c42246b git Not specified
CNA Linux Linux affected 634725a92938b0f282b17cec0b007dca77adebd2 986455135b95f32c1f142068e451098fc751749e git Not specified
CNA Linux Linux affected 634725a92938b0f282b17cec0b007dca77adebd2 7b57ada854b32310f224abd61bcfec2d5790ff0a git Not specified
CNA Linux Linux affected 634725a92938b0f282b17cec0b007dca77adebd2 51838112d9c22502333c3085ca0c0d691e7093c6 git Not specified
CNA Linux Linux affected 634725a92938b0f282b17cec0b007dca77adebd2 2e6ff6a6fc69cc17ed10c9cb6242935d52acd52d git Not specified
CNA Linux Linux affected 634725a92938b0f282b17cec0b007dca77adebd2 2e9185a42e0e237c74435fd092b7c34537c62156 git Not specified
CNA Linux Linux affected 634725a92938b0f282b17cec0b007dca77adebd2 d8a73cc46c8462a969a7516131feb3096f4c49d3 git Not specified
CNA Linux Linux affected 2.6.16 Not specified
CNA Linux Linux unaffected 2.6.16 semver Not specified
CNA Linux Linux unaffected 5.10.252 5.10.* semver Not specified
CNA Linux Linux unaffected 5.15.202 5.15.* semver Not specified
CNA Linux Linux unaffected 6.1.165 6.1.* semver Not specified
CNA Linux Linux unaffected 6.6.128 6.6.* semver Not specified
CNA Linux Linux unaffected 6.12.75 6.12.* semver Not specified
CNA Linux Linux unaffected 6.18.14 6.18.* semver Not specified
CNA Linux Linux unaffected 6.19.4 6.19.* semver Not specified
CNA Linux Linux unaffected 7.0 * original_commit_for_fix Not specified

References

Reference Source Link Tags
git.kernel.org/stable/c/7b57ada854b32310f224abd61bcfec2d5790ff0a 416baaa9-dc9f-4396-8d5f-8c081fb06d67 git.kernel.org
git.kernel.org/stable/c/2e6ff6a6fc69cc17ed10c9cb6242935d52acd52d 416baaa9-dc9f-4396-8d5f-8c081fb06d67 git.kernel.org
git.kernel.org/stable/c/51838112d9c22502333c3085ca0c0d691e7093c6 416baaa9-dc9f-4396-8d5f-8c081fb06d67 git.kernel.org
git.kernel.org/stable/c/2e9185a42e0e237c74435fd092b7c34537c62156 416baaa9-dc9f-4396-8d5f-8c081fb06d67 git.kernel.org
git.kernel.org/stable/c/986455135b95f32c1f142068e451098fc751749e 416baaa9-dc9f-4396-8d5f-8c081fb06d67 git.kernel.org
git.kernel.org/stable/c/507a1de58c21c95ad7c44afccaf1222d1c42246b 416baaa9-dc9f-4396-8d5f-8c081fb06d67 git.kernel.org
git.kernel.org/stable/c/d8a73cc46c8462a969a7516131feb3096f4c49d3 416baaa9-dc9f-4396-8d5f-8c081fb06d67 git.kernel.org
git.kernel.org/stable/c/1ca428769cb4737a25bd32fb4d1573cc09eeaeef 416baaa9-dc9f-4396-8d5f-8c081fb06d67 git.kernel.org
CVE Program record CVE.ORG www.cve.org canonical
NVD vulnerability detail NVD nvd.nist.gov canonical, analysis