CVE-2026-23018

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The Linux kernel contained a flaw in the btrfs subsystem where the path was released before the extent tree was initialized within the btrfs read locked inode() function. This could lead to a circular lock dependency, triggering a lockdep warning. The issue arises when calling btrfs init file extent tree() while holding a read-locked leaf from a subvolume tree, potentially causing a GFP KERNEL allocation and triggering reclaim. This circular dependency was observed during file system synchronization and inode eviction processes.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.