CVE-2026-23233

Name of the Vulnerable Software and Affected Versions Linux kernel versions 6.6 and later

Description A flaw exists in the f2fs filesystem within the Linux kernel related to swapfile handling. Specifically, the check swap activate() function incorrectly maps physical blocks when a swapfile is smaller than the f2fs section size (2MB), fragmented, and used with kernel versions 6.6 and later. This incorrect mapping can lead to data corruption, potentially causing dm-verity errors, device reboots, or f2fs node corruption resulting in boot failures. The issue arises because the function fails to map subsequent extents of the swapfile when the first extent is not aligned to section boundaries, leading to subsequent swap writes overwriting incorrect physical locations. The problematic code is located in the check swap activate() function within fs/f2fs/data.c.

Recommendations Update to a newer kernel version that addresses this issue.