CVE-2026-53040: In the Linux kernel, the following vulnerability has been resolved: ocfs2: validate bg_bits during freefrag scan [BUG]
Summary
A crafted filesystem can crash the Linux kernel's OCFS2 file system driver when a user runs a specific diagnostic command (OCFS2_IOC_INFO with OCFS2_INFO_FL_NON_COHERENT flag), causing it to read memory beyond a data structure's boundaries. The bug happens because the code trusts an on-disk value (bg_bits, a bitmap size field) without validating it first, unlike the safer code path that does validate this value.
Solution / Mitigation
Compute the bitmap capacity from the filesystem format with ocfs2_group_bitmap_size(), report descriptors whose bg_bits exceeds that limit, and clamp the scan to the computed capacity.
Vulnerability Details
EPSS: 0.0%
June 24, 2026
Classification
Original source: https://nvd.nist.gov/vuln/detail/CVE-2026-53040
First tracked: June 25, 2026 at 08:22 AM
Classified by LLM (prompt v3) · confidence: 95%