VDB
CVE-2026-31556
CVE-2026-31556
PUBLISHED
In the Linux kernel, the following vulnerability has been resolved: xfs: scrub: unlock dquot before early return in quota scrub xchk_quota_item can return early after calling xchk_fblock_process_error. When that helper returns false, the function returned immediately without dropping dq->q_qlock, which can leave the dquot lock held and risk lock leaks or deadlocks in later quota operations. Fix this by unlocking dq->q_qlock before the early return.
EPSS 0.02% · 3.2th percentile
Risk Scores
EPSS Score
0.02%
3.2th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux | 7.0, 0, 6.12.80 |
| linux | linux_kernel | 6.8, 6.8, 6.8 |
Timeline
- Apr 24, 2026 CVE Published
- Apr 24, 2026 Security Advisory
- May 11, 2026 CVE Updated
- May 18, 2026 EPSS Score
- May 19, 2026 EPSS Score
- May 20, 2026 EPSS Score
- May 21, 2026 EPSS Score
- May 22, 2026 EPSS Score
- May 23, 2026 EPSS Score
- May 24, 2026 EPSS Score
- May 25, 2026 EPSS Score
- May 26, 2026 EPSS Score
References
- https://git.kernel.org/stable/c/e822f535273af0e8968eab7acc0cea0b90dd25af url
- https://git.kernel.org/stable/c/3b0c3414b308e6822cda90bf99f7eac94d4cca2b url
- https://git.kernel.org/stable/c/d128fc0c5c2b19224927d4fd2a46c2fe6a1f606f url
- https://git.kernel.org/stable/c/268378b6ad20569af0d1957992de1c8b16c6e900 url
- https://nvd.nist.gov/vuln/detail/CVE-2026-31556 advisory
- https://lists.debian.org/debian-security-announce/2026/msg00154.html advisory
- https://lists.debian.org/debian-security-announce/2026/msg00148.html advisory