{"api_version":"1","generated_at":"2026-06-02T09:41:57+00:00","cve":"CVE-2026-46080","urls":{"html":"https://cve.report/CVE-2026-46080","api":"https://cve.report/api/cve/CVE-2026-46080.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2026-46080","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2026-46080"},"summary":{"title":"ocfs2: split transactions in dio completion to avoid credit exhaustion","description":"In the Linux kernel, the following vulnerability has been resolved:\n\nocfs2: split transactions in dio completion to avoid credit exhaustion\n\nDuring ocfs2 dio operations, JBD2 may report warnings via following\ncall trace:\nocfs2_dio_end_io_write\n ocfs2_mark_extent_written\n  ocfs2_change_extent_flag\n   ocfs2_split_extent\n    ocfs2_try_to_merge_extent\n     ocfs2_extend_rotate_transaction\n      ocfs2_extend_trans\n       jbd2__journal_restart\n        start_this_handle\n         output: JBD2: kworker/6:2 wants too many credits credits:5450 rsv_credits:0 max:5449\n\nTo prevent exceeding the credits limit, modify ocfs2_dio_end_io_write() to\nhandle extents in a batch of transaction.\n\nAdditionally, relocate ocfs2_del_inode_from_orphan().  The orphan inode\nshould only be removed from the orphan list after the extent tree update\nis complete.  This ensures that if a crash occurs in the middle of extent\ntree updates, we won't leave stale blocks beyond EOF.\n\nThis patch also changes the logic for updating the inode size and removing\norphan, making it similar to ext4_dio_write_end_io().  Both operations are\nperformed only when everything looks good.\n\nFinally, thanks to Jans and Joseph for providing the bug fix prototype and\nsuggestions.","state":"PUBLISHED","assigner":"Linux","published_at":"2026-05-27 14:17:29","updated_at":"2026-06-01 17:17:23"},"problem_types":[],"metrics":[],"references":[{"url":"https://git.kernel.org/stable/c/3c636a3edca9c3f180b3079f94fe7e115730d9c6","name":"https://git.kernel.org/stable/c/3c636a3edca9c3f180b3079f94fe7e115730d9c6","refsource":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://git.kernel.org/stable/c/97c03c0e9f73a5049794b3c69ee60fb5e8b0ebd8","name":"https://git.kernel.org/stable/c/97c03c0e9f73a5049794b3c69ee60fb5e8b0ebd8","refsource":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://git.kernel.org/stable/c/ea5bb1d20da756e4f41a48dad42b2e7d6e73f71e","name":"https://git.kernel.org/stable/c/ea5bb1d20da756e4f41a48dad42b2e7d6e73f71e","refsource":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://git.kernel.org/stable/c/069c3fb310e9336cf48cfdf8748a32c29fd0193d","name":"https://git.kernel.org/stable/c/069c3fb310e9336cf48cfdf8748a32c29fd0193d","refsource":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://git.kernel.org/stable/c/d647c5b2fbf81560818dacade360abc8c00a9665","name":"https://git.kernel.org/stable/c/d647c5b2fbf81560818dacade360abc8c00a9665","refsource":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://git.kernel.org/stable/c/1e99bb19994246514d63e656492904176f9d5edd","name":"https://git.kernel.org/stable/c/1e99bb19994246514d63e656492904176f9d5edd","refsource":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://git.kernel.org/stable/c/91e05ac2336d00d5b99fc774be4bd50039084796","name":"https://git.kernel.org/stable/c/91e05ac2336d00d5b99fc774be4bd50039084796","refsource":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://git.kernel.org/stable/c/886f97fa59d0bbfa9859fb1a66dd9e014b522d89","name":"https://git.kernel.org/stable/c/886f97fa59d0bbfa9859fb1a66dd9e014b522d89","refsource":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://www.cve.org/CVERecord?id=CVE-2026-46080","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-46080","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected c15471f79506830f80eca0e7fe09b8213953ab5f 97c03c0e9f73a5049794b3c69ee60fb5e8b0ebd8 git","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected c15471f79506830f80eca0e7fe09b8213953ab5f 1e99bb19994246514d63e656492904176f9d5edd git","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected c15471f79506830f80eca0e7fe09b8213953ab5f 91e05ac2336d00d5b99fc774be4bd50039084796 git","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected c15471f79506830f80eca0e7fe09b8213953ab5f 886f97fa59d0bbfa9859fb1a66dd9e014b522d89 git","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected c15471f79506830f80eca0e7fe09b8213953ab5f ea5bb1d20da756e4f41a48dad42b2e7d6e73f71e git","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected c15471f79506830f80eca0e7fe09b8213953ab5f 3c636a3edca9c3f180b3079f94fe7e115730d9c6 git","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected c15471f79506830f80eca0e7fe09b8213953ab5f 069c3fb310e9336cf48cfdf8748a32c29fd0193d git","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected c15471f79506830f80eca0e7fe09b8213953ab5f d647c5b2fbf81560818dacade360abc8c00a9665 git","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected 4.6","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"unaffected 4.6 semver","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"unaffected 5.10.258 5.10.* semver","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"unaffected 5.15.209 5.15.* semver","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"unaffected 6.1.175 6.1.* semver","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"unaffected 6.6.140 6.6.* semver","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"unaffected 6.12.86 6.12.* semver","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"unaffected 6.18.27 6.18.* semver","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"unaffected 7.0.4 7.0.* semver","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"unaffected 7.1-rc1 * original_commit_for_fix","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[],"vendor_comments":[],"enrichments":{"kev":null,"epss":{"cve_year":"2026","cve_id":"46080","cve":"CVE-2026-46080","epss":"0.000180000","percentile":"0.050770000","score_date":"2026-06-01","updated_at":"2026-06-02 00:05:19"},"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"cna":{"affected":[{"defaultStatus":"unaffected","product":"Linux","programFiles":["fs/ocfs2/aops.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","vendor":"Linux","versions":[{"lessThan":"97c03c0e9f73a5049794b3c69ee60fb5e8b0ebd8","status":"affected","version":"c15471f79506830f80eca0e7fe09b8213953ab5f","versionType":"git"},{"lessThan":"1e99bb19994246514d63e656492904176f9d5edd","status":"affected","version":"c15471f79506830f80eca0e7fe09b8213953ab5f","versionType":"git"},{"lessThan":"91e05ac2336d00d5b99fc774be4bd50039084796","status":"affected","version":"c15471f79506830f80eca0e7fe09b8213953ab5f","versionType":"git"},{"lessThan":"886f97fa59d0bbfa9859fb1a66dd9e014b522d89","status":"affected","version":"c15471f79506830f80eca0e7fe09b8213953ab5f","versionType":"git"},{"lessThan":"ea5bb1d20da756e4f41a48dad42b2e7d6e73f71e","status":"affected","version":"c15471f79506830f80eca0e7fe09b8213953ab5f","versionType":"git"},{"lessThan":"3c636a3edca9c3f180b3079f94fe7e115730d9c6","status":"affected","version":"c15471f79506830f80eca0e7fe09b8213953ab5f","versionType":"git"},{"lessThan":"069c3fb310e9336cf48cfdf8748a32c29fd0193d","status":"affected","version":"c15471f79506830f80eca0e7fe09b8213953ab5f","versionType":"git"},{"lessThan":"d647c5b2fbf81560818dacade360abc8c00a9665","status":"affected","version":"c15471f79506830f80eca0e7fe09b8213953ab5f","versionType":"git"}]},{"defaultStatus":"affected","product":"Linux","programFiles":["fs/ocfs2/aops.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","vendor":"Linux","versions":[{"status":"affected","version":"4.6"},{"lessThan":"4.6","status":"unaffected","version":"0","versionType":"semver"},{"lessThanOrEqual":"5.10.*","status":"unaffected","version":"5.10.258","versionType":"semver"},{"lessThanOrEqual":"5.15.*","status":"unaffected","version":"5.15.209","versionType":"semver"},{"lessThanOrEqual":"6.1.*","status":"unaffected","version":"6.1.175","versionType":"semver"},{"lessThanOrEqual":"6.6.*","status":"unaffected","version":"6.6.140","versionType":"semver"},{"lessThanOrEqual":"6.12.*","status":"unaffected","version":"6.12.86","versionType":"semver"},{"lessThanOrEqual":"6.18.*","status":"unaffected","version":"6.18.27","versionType":"semver"},{"lessThanOrEqual":"7.0.*","status":"unaffected","version":"7.0.4","versionType":"semver"},{"lessThanOrEqual":"*","status":"unaffected","version":"7.1-rc1","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"cpeMatch":[{"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"5.10.258","versionStartIncluding":"4.6","vulnerable":true},{"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"5.15.209","versionStartIncluding":"4.6","vulnerable":true},{"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"6.1.175","versionStartIncluding":"4.6","vulnerable":true},{"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"6.6.140","versionStartIncluding":"4.6","vulnerable":true},{"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"6.12.86","versionStartIncluding":"4.6","vulnerable":true},{"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"6.18.27","versionStartIncluding":"4.6","vulnerable":true},{"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"7.0.4","versionStartIncluding":"4.6","vulnerable":true},{"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"7.1-rc1","versionStartIncluding":"4.6","vulnerable":true}],"negate":false,"operator":"OR"}]}],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nocfs2: split transactions in dio completion to avoid credit exhaustion\n\nDuring ocfs2 dio operations, JBD2 may report warnings via following\ncall trace:\nocfs2_dio_end_io_write\n ocfs2_mark_extent_written\n  ocfs2_change_extent_flag\n   ocfs2_split_extent\n    ocfs2_try_to_merge_extent\n     ocfs2_extend_rotate_transaction\n      ocfs2_extend_trans\n       jbd2__journal_restart\n        start_this_handle\n         output: JBD2: kworker/6:2 wants too many credits credits:5450 rsv_credits:0 max:5449\n\nTo prevent exceeding the credits limit, modify ocfs2_dio_end_io_write() to\nhandle extents in a batch of transaction.\n\nAdditionally, relocate ocfs2_del_inode_from_orphan().  The orphan inode\nshould only be removed from the orphan list after the extent tree update\nis complete.  This ensures that if a crash occurs in the middle of extent\ntree updates, we won't leave stale blocks beyond EOF.\n\nThis patch also changes the logic for updating the inode size and removing\norphan, making it similar to ext4_dio_write_end_io().  Both operations are\nperformed only when everything looks good.\n\nFinally, thanks to Jans and Joseph for providing the bug fix prototype and\nsuggestions."}],"providerMetadata":{"dateUpdated":"2026-06-01T16:18:07.817Z","orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux"},"references":[{"url":"https://git.kernel.org/stable/c/97c03c0e9f73a5049794b3c69ee60fb5e8b0ebd8"},{"url":"https://git.kernel.org/stable/c/1e99bb19994246514d63e656492904176f9d5edd"},{"url":"https://git.kernel.org/stable/c/91e05ac2336d00d5b99fc774be4bd50039084796"},{"url":"https://git.kernel.org/stable/c/886f97fa59d0bbfa9859fb1a66dd9e014b522d89"},{"url":"https://git.kernel.org/stable/c/ea5bb1d20da756e4f41a48dad42b2e7d6e73f71e"},{"url":"https://git.kernel.org/stable/c/3c636a3edca9c3f180b3079f94fe7e115730d9c6"},{"url":"https://git.kernel.org/stable/c/069c3fb310e9336cf48cfdf8748a32c29fd0193d"},{"url":"https://git.kernel.org/stable/c/d647c5b2fbf81560818dacade360abc8c00a9665"}],"title":"ocfs2: split transactions in dio completion to avoid credit exhaustion","x_generator":{"engine":"bippy-1.2.0"}}},"cveMetadata":{"assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","assignerShortName":"Linux","cveId":"CVE-2026-46080","datePublished":"2026-05-27T12:58:17.103Z","dateReserved":"2026-05-13T15:03:33.096Z","dateUpdated":"2026-06-01T16:18:07.817Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.2"},"nvd":{"publishedDate":"2026-05-27 14:17:29","lastModifiedDate":"2026-06-01 17:17:23","problem_types":[],"metrics":[],"configurations":[]},"legacy_mitre":{"record":{"CveYear":"2026","CveId":"46080","Ordinal":"1","Title":"ocfs2: split transactions in dio completion to avoid credit exha","CVE":"CVE-2026-46080","Year":"2026"},"notes":[{"CveYear":"2026","CveId":"46080","Ordinal":"1","NoteData":"In the Linux kernel, the following vulnerability has been resolved:\n\nocfs2: split transactions in dio completion to avoid credit exhaustion\n\nDuring ocfs2 dio operations, JBD2 may report warnings via following\ncall trace:\nocfs2_dio_end_io_write\n ocfs2_mark_extent_written\n  ocfs2_change_extent_flag\n   ocfs2_split_extent\n    ocfs2_try_to_merge_extent\n     ocfs2_extend_rotate_transaction\n      ocfs2_extend_trans\n       jbd2__journal_restart\n        start_this_handle\n         output: JBD2: kworker/6:2 wants too many credits credits:5450 rsv_credits:0 max:5449\n\nTo prevent exceeding the credits limit, modify ocfs2_dio_end_io_write() to\nhandle extents in a batch of transaction.\n\nAdditionally, relocate ocfs2_del_inode_from_orphan().  The orphan inode\nshould only be removed from the orphan list after the extent tree update\nis complete.  This ensures that if a crash occurs in the middle of extent\ntree updates, we won't leave stale blocks beyond EOF.\n\nThis patch also changes the logic for updating the inode size and removing\norphan, making it similar to ext4_dio_write_end_io().  Both operations are\nperformed only when everything looks good.\n\nFinally, thanks to Jans and Joseph for providing the bug fix prototype and\nsuggestions.","Type":"Description","Title":"ocfs2: split transactions in dio completion to avoid credit exha"}]}}}