{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-45974", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2026-05-13T15:03:33.090Z", "datePublished": "2026-05-27T12:18:33.107Z", "dateUpdated": "2026-05-27T12:18:33.107Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2026-05-27T12:18:33.107Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix invalid leaf access in btrfs_quota_enable() if ref key not found\n\nIf btrfs_search_slot_for_read() returns 1, it means we did not find any\nkey greater than or equals to the key we asked for, meaning we have\nreached the end of the tree and therefore the path is not valid. If\nthis happens we need to break out of the loop and stop, instead of\ncontinuing and accessing an invalid path."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["fs/btrfs/qgroup.c"], "versions": [{"version": "5223cc60b40ae525ae6c94e98824129f1a5b4ae5", "lessThan": "023545e272f369d487e6a986c1e321c6e04be1da", "status": "affected", "versionType": "git"}, {"version": "5223cc60b40ae525ae6c94e98824129f1a5b4ae5", "lessThan": "fd4913a53e3b54ad7e161847291439fe445d6356", "status": "affected", "versionType": "git"}, {"version": "5223cc60b40ae525ae6c94e98824129f1a5b4ae5", "lessThan": "b5b8ade9da452086e78f5d519b90d3769e354853", "status": "affected", "versionType": "git"}, {"version": "5223cc60b40ae525ae6c94e98824129f1a5b4ae5", "lessThan": "1ee1d006c9fe4d6be5527ab1c84216b80cccbe40", "status": "affected", "versionType": "git"}, {"version": "5223cc60b40ae525ae6c94e98824129f1a5b4ae5", "lessThan": "0761447f6f51e1c7997960d8e6559337deed6729", "status": "affected", "versionType": "git"}, {"version": "5223cc60b40ae525ae6c94e98824129f1a5b4ae5", "lessThan": "d7cf2314dd5e8661c05d076cd627eea9a7f76616", "status": "affected", "versionType": "git"}, {"version": "5223cc60b40ae525ae6c94e98824129f1a5b4ae5", "lessThan": "b2bd557b75b760e4b9d209112bda19314bd64558", "status": "affected", "versionType": "git"}, {"version": "5223cc60b40ae525ae6c94e98824129f1a5b4ae5", "lessThan": "ecb7c2484cfc83a93658907580035a8adf1e0a92", "status": "affected", "versionType": "git"}, {"version": "ecce1be9f2a366990d0e75dd249fb324e83c34a9", "status": "affected", "versionType": "git"}, {"version": "5.9.7", "lessThan": "5.10", "status": "affected", "versionType": "semver"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["fs/btrfs/qgroup.c"], "versions": [{"version": "5.10", "status": "affected"}, {"version": "0", "lessThan": "5.10", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.252", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.202", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.165", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.128", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.12.75", "lessThanOrEqual": "6.12.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.18.14", "lessThanOrEqual": "6.18.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.19.4", "lessThanOrEqual": "6.19.*", "status": "unaffected", "versionType": "semver"}, {"version": "7.0", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.10", "versionEndExcluding": "5.10.252"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.10", "versionEndExcluding": "5.15.202"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.10", "versionEndExcluding": "6.1.165"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.10", "versionEndExcluding": "6.6.128"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.10", "versionEndExcluding": "6.12.75"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.10", "versionEndExcluding": "6.18.14"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.10", "versionEndExcluding": "6.19.4"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.10", "versionEndExcluding": "7.0"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.9.7"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/023545e272f369d487e6a986c1e321c6e04be1da"}, {"url": "https://git.kernel.org/stable/c/fd4913a53e3b54ad7e161847291439fe445d6356"}, {"url": "https://git.kernel.org/stable/c/b5b8ade9da452086e78f5d519b90d3769e354853"}, {"url": "https://git.kernel.org/stable/c/1ee1d006c9fe4d6be5527ab1c84216b80cccbe40"}, {"url": "https://git.kernel.org/stable/c/0761447f6f51e1c7997960d8e6559337deed6729"}, {"url": "https://git.kernel.org/stable/c/d7cf2314dd5e8661c05d076cd627eea9a7f76616"}, {"url": "https://git.kernel.org/stable/c/b2bd557b75b760e4b9d209112bda19314bd64558"}, {"url": "https://git.kernel.org/stable/c/ecb7c2484cfc83a93658907580035a8adf1e0a92"}], "title": "btrfs: fix invalid leaf access in btrfs_quota_enable() if ref key not found", "x_generator": {"engine": "bippy-1.2.0"}}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix invalid leaf access in btrfs_quota_enable() if ref key not found\n\nIf btrfs_search_slot_for_read() returns 1, it means we did not find any\nkey greater than or equals to the key we asked for, meaning we have\nreached the end of the tree and therefore the path is not valid. If\nthis happens we need to break out of the loop and stop, instead of\ncontinuing and accessing an invalid path."}], "id": "CVE-2026-45974", "lastModified": "2026-05-27T14:48:03.013", "metrics": {}, "published": "2026-05-27T14:17:14.430", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/023545e272f369d487e6a986c1e321c6e04be1da"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/0761447f6f51e1c7997960d8e6559337deed6729"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/1ee1d006c9fe4d6be5527ab1c84216b80cccbe40"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/b2bd557b75b760e4b9d209112bda19314bd64558"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/b5b8ade9da452086e78f5d519b90d3769e354853"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/d7cf2314dd5e8661c05d076cd627eea9a7f76616"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/ecb7c2484cfc83a93658907580035a8adf1e0a92"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/fd4913a53e3b54ad7e161847291439fe445d6356"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Awaiting Analysis"}

{"bugzilla": {"description": "kernel: btrfs: fix invalid leaf access in btrfs_quota_enable() if ref key not found", "id": "2481970", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481970"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-390", "details": ["A flaw was found in the Linux kernel's btrfs filesystem. The `btrfs_quota_enable()` function contains a logic error where it attempts to access an invalid memory location if a specific key is not found during a search operation. This incorrect handling of search results can lead to invalid leaf access, potentially causing system instability or a denial of service (DoS) for affected systems."], "name": "CVE-2026-45974", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Fix deferred", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2026-05-27T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-45974\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-45974\nhttps://lore.kernel.org/linux-cve-announce/2026052737-CVE-2026-45974-c88c@gregkh/T"], "threat_severity": "Moderate"}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[5223cc60b40ae525ae6c94e98824129f1a5b4ae5,023545e272f369d487e6a986c1e321c6e04be1da)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[5223cc60b40ae525ae6c94e98824129f1a5b4ae5,fd4913a53e3b54ad7e161847291439fe445d6356)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[5223cc60b40ae525ae6c94e98824129f1a5b4ae5,b5b8ade9da452086e78f5d519b90d3769e354853)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[5223cc60b40ae525ae6c94e98824129f1a5b4ae5,1ee1d006c9fe4d6be5527ab1c84216b80cccbe40)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[5223cc60b40ae525ae6c94e98824129f1a5b4ae5,0761447f6f51e1c7997960d8e6559337deed6729)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[5223cc60b40ae525ae6c94e98824129f1a5b4ae5,d7cf2314dd5e8661c05d076cd627eea9a7f76616)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[5223cc60b40ae525ae6c94e98824129f1a5b4ae5,b2bd557b75b760e4b9d209112bda19314bd64558)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[5223cc60b40ae525ae6c94e98824129f1a5b4ae5,ecb7c2484cfc83a93658907580035a8adf1e0a92)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "ecce1be9f2a366990d0e75dd249fb324e83c34a9"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[5.9.7,5.10)"}}], "enrichment": {"confidence": 99.0, "confidence_source": "inferred", "scores": [{"score": 99.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "Linux", "source": "cna", "vendor": "Linux"}, "product": "linux_kernel", "vendor": "linux"}, {"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "5.10"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[0,5.10)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[5.10.252,5.10.*]"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[5.15.202,5.15.*]"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[6.1.165,6.1.*]"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[6.6.128,6.6.*]"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[6.12.75,6.12.*]"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[6.18.14,6.18.*]"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[6.19.4,6.19.*]"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "generic", "value": "[7.0,*]"}}], "enrichment": {"confidence": 99.0, "confidence_source": "inferred", "scores": [{"score": 99.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "Linux", "source": "cna", "vendor": "Linux"}, "product": "linux_kernel", "vendor": "linux"}], "created": "2026-05-27T19:00:16.893492+00:00", "updated": "2026-05-27T21:00:13.567861+00:00", "vendors": ["linux", "linux$PRODUCT$linux_kernel"], "weaknesses": ["CWE-119", "CWE-20"]}