CVE-2026-45974
Last modified
CVE-2026-45974 is a medium-severity vulnerability rated 5.5/10 on the CVSS scale. In the Linux kernel, the following vulnerability has been resolved: btrfs: fix invalid leaf access in btrfs_quota_enable() if ref key not found If btrfs_search_slot_for_read() returns 1, it means we did not find any key greater than or equals to the key we asked for, meaning we have reached the end of the tree and therefore the path is not valid. If this happens we need to break out of the loop and stop, instead of continuing and accessing an invalid path.. EPSS estimates a 0.13% chance of exploitation in the next 30 days.
Description
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix invalid leaf access in btrfs_quota_enable() if ref key not found If btrfs_search_slot_for_read() returns 1, it means we did not find any key greater than or equals to the key we asked for, meaning we have reached the end of the tree and therefore the path is not valid. If this happens we need to break out of the loop and stop, instead of continuing and accessing an invalid path.
Metrics
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | >= 5.9.7, < 5.10 |
| Linux | Linux Kernel | >= 5.10.1, < 5.10.252 |
| Linux | Linux Kernel | >= 5.11, < 5.15.202 |
| Linux | Linux Kernel | >= 5.16, < 6.1.165 |
| Linux | Linux Kernel | >= 6.2, < 6.6.128 |
| Linux | Linux Kernel | >= 6.7, < 6.12.75 |
| Linux | Linux Kernel | >= 6.13, < 6.18.14 |
| Linux | Linux Kernel | >= 6.19, < 6.19.4 |
| Linux | Linux Kernel | 5.10 |
References
Timeline
- Published
- Last Modified
- Status
- Analyzed
Frequently Asked Questions
What is CVE-2026-45974?
How severe is CVE-2026-45974?
How do I fix CVE-2026-45974?
Are you affected by CVE-2026-45974?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST