CVE-2026-31648

Name of the Vulnerable Software and Affected Versions Linux kernel version 7.0-rc3

Description An integer overflow occurs in the nr pages calculation within the filemap map pages() function. This issue can be triggered during a race condition where the inode size is shrunk via ext4 setattr() while filemap map pages() is executing. The overflow causes the set pte range() function to map a range that exceeds the folio size, which can lead to the corruption of page fields such as page-> mapcount and result in system crashes characterized by bad page states.

Recommendations As a temporary workaround, consider restricting the use of the filemap map pages() function or the associated file mapping operations until a patch is applied.