CVE-2026-46329 - Vulnerability Details - OpenCVE

In the Linux kernel, the following vulnerability has been resolved: erofs: handle end of filesystem properly for file-backed mounts I/O requests beyond the end of the filesystem should be zeroed out, similar to loopback devices and that is what we expect.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

Vendors	Products
Linux	Linux Kernel

No data.

No data.

No data.

References

Link	Providers
https://git.kernel.org/stable/c/8d582d65d20bb4796db01b19e86909ad68cb337b
https://git.kernel.org/stable/c/bc804a8d7e865ef47fb7edcaf5e77d18bf444ebc
https://git.kernel.org/stable/c/e49abde0ffc382a967b24f326d1614ac3bb06a94
https://git.kernel.org/stable/c/fe4039034dcdf584afbf763787909e28e92a4927

History

Tue, 09 Jun 2026 13:30:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: erofs: handle end of filesystem properly for file-backed mounts I/O requests beyond the end of the filesystem should be zeroed out, similar to loopback devices and that is what we expect.
Title		erofs: handle end of filesystem properly for file-backed mounts
First Time appeared		Linux Linux linux Kernel
CPEs		cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products		Linux Linux linux Kernel
References		https://git.kernel.org/stable/c/8d582d65d20bb4796db01b19e86909ad68cb337b https://git.kernel.org/stable/c/bc804a8d7e865ef47fb7edcaf5e77d18bf444ebc https://git.kernel.org/stable/c/e49abde0ffc382a967b24f326d1614ac3bb06a94 https://git.kernel.org/stable/c/fe4039034dcdf584afbf763787909e28e92a4927

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2026-06-09T12:25:58.520Z

Updated: 2026-06-09T12:25:58.520Z

Reserved: 2026-05-13T15:03:33.112Z

Link: CVE-2026-46329

Vulnrichment

No data.

NVD

Status : Received

Published: 2026-06-09T14:16:42.620

Modified: 2026-06-09T14:16:42.620

Link: CVE-2026-46329

Redhat

No data.

OpenCVE Enrichment

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-46329", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2026-05-13T15:03:33.112Z", "datePublished": "2026-06-09T12:25:58.520Z", "dateUpdated": "2026-06-09T12:25:58.520Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2026-06-09T12:25:58.520Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nerofs: handle end of filesystem properly for file-backed mounts\n\nI/O requests beyond the end of the filesystem should be zeroed out,\nsimilar to loopback devices and that is what we expect."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["fs/erofs/fileio.c"], "versions": [{"version": "ce63cb62d794c98c7631c2296fa845f2a8d0a4a1", "lessThan": "8d582d65d20bb4796db01b19e86909ad68cb337b", "status": "affected", "versionType": "git"}, {"version": "ce63cb62d794c98c7631c2296fa845f2a8d0a4a1", "lessThan": "e49abde0ffc382a967b24f326d1614ac3bb06a94", "status": "affected", "versionType": "git"}, {"version": "ce63cb62d794c98c7631c2296fa845f2a8d0a4a1", "lessThan": "fe4039034dcdf584afbf763787909e28e92a4927", "status": "affected", "versionType": "git"}, {"version": "ce63cb62d794c98c7631c2296fa845f2a8d0a4a1", "lessThan": "bc804a8d7e865ef47fb7edcaf5e77d18bf444ebc", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["fs/erofs/fileio.c"], "versions": [{"version": "6.12", "status": "affected"}, {"version": "0", "lessThan": "6.12", "status": "unaffected", "versionType": "semver"}, {"version": "6.12.75", "lessThanOrEqual": "6.12.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.18.14", "lessThanOrEqual": "6.18.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.19.4", "lessThanOrEqual": "6.19.*", "status": "unaffected", "versionType": "semver"}, {"version": "7.0", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.12", "versionEndExcluding": "6.12.75"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.12", "versionEndExcluding": "6.18.14"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.12", "versionEndExcluding": "6.19.4"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.12", "versionEndExcluding": "7.0"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/8d582d65d20bb4796db01b19e86909ad68cb337b"}, {"url": "https://git.kernel.org/stable/c/e49abde0ffc382a967b24f326d1614ac3bb06a94"}, {"url": "https://git.kernel.org/stable/c/fe4039034dcdf584afbf763787909e28e92a4927"}, {"url": "https://git.kernel.org/stable/c/bc804a8d7e865ef47fb7edcaf5e77d18bf444ebc"}], "title": "erofs: handle end of filesystem properly for file-backed mounts", "x_generator": {"engine": "bippy-1.2.0"}}}}