AI Sec Watch: A Security Intelligence Platform for AI Systems

Luu, T.J.

CVE-2026-23109: In the Linux kernel, the following vulnerability has been resolved: fs/writeback: skip AS_NO_DATA_INTEGRITY mappings in

infovulnerability

security

Source: NVD/CVE DatabaseFebruary 4, 2026CVE-2026-23109

Summary

A Linux kernel vulnerability allowed the system to hang indefinitely when waiting for data to be written to disk, particularly when using fuse (a file system that lets user-space programs handle file operations). The problem occurred because the system was waiting for data integrity on file systems that don't guarantee it. When a faulty fuse server stopped responding to write requests, the wait_sb_inodes() function would hang forever.

Solution / Mitigation

The fix skips AS_NO_DATA_INTEGRITY mappings (file systems that don't guarantee data integrity semantics) in the wait_sb_inodes() function, allowing the system to skip waiting for these inodes entirely. This restores fuse to its prior behavior where syncs (operations that flush data to disk) become no-ops (operations that do nothing).

Vulnerability Details

EPSS (30-day exploit probability)

EPSS: 0.0%

Classification

Attack SophisticationModerate

Original source: https://nvd.nist.gov/vuln/detail/CVE-2026-23109

First tracked: February 15, 2026 at 08:36 PM

Classified by LLM (prompt v3) · confidence: 95%