{"id":"CVE-2026-43065","summary":"ext4: always drain queued discard work in ext4_mb_release()","details":"In the Linux kernel, the following vulnerability has been resolved:\n\next4: always drain queued discard work in ext4_mb_release()\n\nWhile reviewing recent ext4 patch[1], Sashiko raised the following\nconcern[2]:\n\n\u003e If the filesystem is initially mounted with the discard option,\n\u003e deleting files will populate sbi-\u003es_discard_list and queue\n\u003e s_discard_work. If it is then remounted with nodiscard, the\n\u003e EXT4_MOUNT_DISCARD flag is cleared, but the pending s_discard_work is\n\u003e neither cancelled nor flushed.\n\n[1] https://lore.kernel.org/r/20260319094545.19291-1-qiang.zhang@linux.dev/\n[2] https://sashiko.dev/#/patchset/20260319094545.19291-1-qiang.zhang%40linux.dev\n\nThe concern was valid, but it had nothing to do with the patch[1].\nOne of the problems with Sashiko in its current (early) form is that\nit will detect pre-existing issues and report it as a problem with the\npatch that it is reviewing.\n\nIn practice, it would be hard to hit deliberately (unless you are a\nmalicious syzkaller fuzzer), since it would involve mounting the file\nsystem with -o discard, and then deleting a large number of files,\nremounting the file system with -o nodiscard, and then immediately\nunmounting the file system before the queued discard work has a change\nto drain on its own.\n\nFix it because it's a real bug, and to avoid Sashiko from raising this\nconcern when analyzing future patches to mballoc.c.","modified":"2026-07-15T01:49:16.818430887Z","published":"2026-05-05T15:23:25.326Z","related":["SUSE-SU-2026:22099-1","SUSE-SU-2026:22108-1","SUSE-SU-2026:22112-1","SUSE-SU-2026:22117-1","SUSE-SU-2026:22127-1","SUSE-SU-2026:22137-1","SUSE-SU-2026:22433-1","SUSE-SU-2026:22458-1","SUSE-SU-2026:2482-1","SUSE-SU-2026:2591-1","openSUSE-SU-2026:20965-1"],"database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/43xxx/CVE-2026-43065.json"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/1c82f863f090ab899085bdfade073313384b514b"},{"type":"WEB","url":"https://git.kernel.org/stable/c/812b6a7cd3e7f3a3e8a24db85bc6313c26cb1098"},{"type":"WEB","url":"https://git.kernel.org/stable/c/9b4d9dda6a71ad3425c8109d27c4c6bfb9da97b8"},{"type":"WEB","url":"https://git.kernel.org/stable/c/9ee29d20aab228adfb02ca93f87fb53c56c2f3af"},{"type":"WEB","url":"https://git.kernel.org/stable/c/b4737e26d4688b8aea88ad6ea4dbfeb6e78b0327"},{"type":"WEB","url":"https://git.kernel.org/stable/c/c360e9d0def4f4ae03254a67c683103908555b75"},{"type":"WEB","url":"https://git.kernel.org/stable/c/e96c2354b170aaa53300c8e8fd59e41b133160f7"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/43xxx/CVE-2026-43065.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-43065"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"55cdd0af2bc5ffc92a2deb745627755aecd5db33"},{"fixed":"e96c2354b170aaa53300c8e8fd59e41b133160f7"},{"fixed":"c360e9d0def4f4ae03254a67c683103908555b75"},{"fixed":"1c82f863f090ab899085bdfade073313384b514b"},{"fixed":"9b4d9dda6a71ad3425c8109d27c4c6bfb9da97b8"},{"fixed":"812b6a7cd3e7f3a3e8a24db85bc6313c26cb1098"},{"fixed":"b4737e26d4688b8aea88ad6ea4dbfeb6e78b0327"},{"fixed":"9ee29d20aab228adfb02ca93f87fb53c56c2f3af"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-43065.json"}},{"package":{"name":"Kernel","ecosystem":"Linux"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"5.15.0"},{"fixed":"5.15.203"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.16.0"},{"fixed":"6.1.168"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.2.0"},{"fixed":"6.6.131"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.7.0"},{"fixed":"6.12.80"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.13.0"},{"fixed":"6.18.21"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.19.0"},{"fixed":"6.19.11"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-43065.json"}}],"schema_version":"1.7.5"}