Back to CVE List

CVE-2026-43127

MEDIUM SEVERITY

CVSS Score & Metrics

Base Score
5.5 / 10
Vector String
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Vulnerability Description

In the Linux kernel, the following vulnerability has been resolved:

ntfs3: fix circular locking dependency in run_unpack_ex

Syzbot reported a circular locking dependency between wnd->rw_lock
(sbi->used.bitmap) and ni->file.run_lock.

The deadlock scenario:
1. ntfs_extend_mft() takes ni->file.run_lock then wnd->rw_lock.
2. run_unpack_ex() takes wnd->rw_lock then tries to acquire
ni->file.run_lock inside ntfs_refresh_zone().

This creates an AB-BA deadlock.

Fix this by using down_read_trylock() instead of down_read() when
acquiring run_lock in run_unpack_ex(). If the lock is contended,
skip ntfs_refresh_zone() - the MFT zone will be refreshed on the
next MFT operation. This breaks the circular dependency since we
never block waiting for run_lock while holding wnd->rw_lock.

Vulnerability Details

Published Date
Last Modified
CWE ID
CWE-667
Source
NVD
Vendor
Linux
Product
Linux

External References

Discussion (0)

Add Comment

No comments yet. Be the first!