CVE-2026-23465

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The Linux kernel contains a flaw within the btrfs subsystem related to how it handles logging of directory entries (dentries) when a conflicting inode is encountered. Specifically, when logging the parent directory of a conflicting inode, the system fails to log the new dentries of that directory. This can lead to data loss in scenarios involving file system synchronization (fsync) followed by a power failure. The issue arises because the parent directory is marked as logged, but its new entries are not, resulting in a no-op fsync and subsequent loss of the new dentries after a system interruption. An example scenario involves creating, deleting, and recreating directories and files with the same name and parent, followed by an fsync operation on the parent directory. The fix involves ensuring that new directory entries are logged whenever the parent directory of a no longer existing conflicting inode is logged.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.