CVE-2026-31715

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A use-after-free condition exists in the f2fs component of the Linux kernel. The issue occurs in the f2fs write end io() function when sbi->nr pages[F2FS WB CP DATA] is decremented to zero. This can lead to a NULL pointer dereference in the f2fs in warm node list() function because f2fs put super() may set sbi->node inode to NULL concurrently. This race condition results in a system panic when the kernel attempts to check if a folio belongs to the node inode.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.