{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-53049", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2026-06-09T07:44:35.381Z", "datePublished": "2026-06-24T16:29:55.190Z", "dateUpdated": "2026-06-28T06:38:35.320Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2026-06-28T06:38:35.320Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ngfs2: add some missing log locking\n\nFunction gfs2_logd() calls the log flushing functions gfs2_ail1_start(),\ngfs2_ail1_wait(), and gfs2_ail1_empty() without holding sdp->sd_log_flush_lock,\nbut these functions require exclusion against concurrent transactions.\n\nTo fix that, add a non-locking __gfs2_log_flush() function. Then, in\ngfs2_logd(), take sdp->sd_log_flush_lock before calling the above mentioned log\nflushing functions and __gfs2_log_flush()."}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "baseScore": 9.8, "baseSeverity": "CRITICAL"}}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["fs/gfs2/log.c"], "versions": [{"version": "5e4c7632aae1cce137792647f4fb6f599d1da893", "lessThan": "3b28eb75afe520972bacc833850c2b30aa0824cd", "status": "affected", "versionType": "git"}, {"version": "5e4c7632aae1cce137792647f4fb6f599d1da893", "lessThan": "ca95342cb1b39062a03c115830286f0a426053d5", "status": "affected", "versionType": "git"}, {"version": "5e4c7632aae1cce137792647f4fb6f599d1da893", "lessThan": "bf5fcd9c37c2546beaf7b401d31aefd89017dc3d", "status": "affected", "versionType": "git"}, {"version": "5e4c7632aae1cce137792647f4fb6f599d1da893", "lessThan": "f2f225cf505ac016132ded21690f3ba0a080a4e8", "status": "affected", "versionType": "git"}, {"version": "5e4c7632aae1cce137792647f4fb6f599d1da893", "lessThan": "49d9be0722da3a4a893ba905720cba1921834ec3", "status": "affected", "versionType": "git"}, {"version": "5e4c7632aae1cce137792647f4fb6f599d1da893", "lessThan": "98e8bf249c790d56de1abc4a5f8bd68035a00921", "status": "affected", "versionType": "git"}, {"version": "5e4c7632aae1cce137792647f4fb6f599d1da893", "lessThan": "fe2c8d051150b90b3ccb85f89e3b1d636cb88ec8", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["fs/gfs2/log.c"], "versions": [{"version": "5.7", "status": "affected"}, {"version": "0", "lessThan": "5.7", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.209", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.175", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.141", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.12.91", "lessThanOrEqual": "6.12.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.18.33", "lessThanOrEqual": "6.18.*", "status": "unaffected", "versionType": "semver"}, {"version": "7.0.10", "lessThanOrEqual": "7.0.*", "status": "unaffected", "versionType": "semver"}, {"version": "7.1", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.7", "versionEndExcluding": "5.15.209"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.7", "versionEndExcluding": "6.1.175"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.7", "versionEndExcluding": "6.6.141"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.7", "versionEndExcluding": "6.12.91"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.7", "versionEndExcluding": "6.18.33"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.7", "versionEndExcluding": "7.0.10"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.7", "versionEndExcluding": "7.1"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/3b28eb75afe520972bacc833850c2b30aa0824cd"}, {"url": "https://git.kernel.org/stable/c/ca95342cb1b39062a03c115830286f0a426053d5"}, {"url": "https://git.kernel.org/stable/c/bf5fcd9c37c2546beaf7b401d31aefd89017dc3d"}, {"url": "https://git.kernel.org/stable/c/f2f225cf505ac016132ded21690f3ba0a080a4e8"}, {"url": "https://git.kernel.org/stable/c/49d9be0722da3a4a893ba905720cba1921834ec3"}, {"url": "https://git.kernel.org/stable/c/98e8bf249c790d56de1abc4a5f8bd68035a00921"}, {"url": "https://git.kernel.org/stable/c/fe2c8d051150b90b3ccb85f89e3b1d636cb88ec8"}], "title": "gfs2: add some missing log locking", "x_generator": {"engine": "bippy-1.2.0"}}}}

{}

{}

{"bugzilla": {"description": "kernel: gfs2: add some missing log locking", "id": "2492276", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2492276"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.0", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "status": "draft"}, "cwe": "CWE-414", "details": ["A flaw was found in the Linux kernel's Global File System 2 (GFS2) component. The `gfs2_logd()` function, responsible for log flushing, calls several log flushing functions without holding the required lock. This omission allows concurrent transactions to access shared resources without proper exclusion, which could lead to race conditions. Such conditions may result in system instability or data corruption, potentially causing a Denial of Service (DoS)."], "name": "CVE-2026-53049", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2026-06-24T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-53049\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-53049\nhttps://lore.kernel.org/linux-cve-announce/2026062459-CVE-2026-53049-7013@gregkh/T"], "threat_severity": "Moderate"}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[5e4c7632aae1cce137792647f4fb6f599d1da893,3b28eb75afe520972bacc833850c2b30aa0824cd)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[5e4c7632aae1cce137792647f4fb6f599d1da893,ca95342cb1b39062a03c115830286f0a426053d5)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[5e4c7632aae1cce137792647f4fb6f599d1da893,bf5fcd9c37c2546beaf7b401d31aefd89017dc3d)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[5e4c7632aae1cce137792647f4fb6f599d1da893,f2f225cf505ac016132ded21690f3ba0a080a4e8)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[5e4c7632aae1cce137792647f4fb6f599d1da893,49d9be0722da3a4a893ba905720cba1921834ec3)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[5e4c7632aae1cce137792647f4fb6f599d1da893,98e8bf249c790d56de1abc4a5f8bd68035a00921)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[5e4c7632aae1cce137792647f4fb6f599d1da893,fe2c8d051150b90b3ccb85f89e3b1d636cb88ec8)"}}], "enrichment": {"confidence": 99.0, "confidence_source": "inferred", "scores": [{"score": 99.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "Linux", "source": "cna", "vendor": "Linux"}, "product": "linux_kernel", "vendor": "linux"}, {"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "5.7"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "generic", "value": "[0,5.7)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[5.15.209,5.16.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[6.1.175,6.2.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[6.6.141,6.7.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[6.12.91,6.13.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[6.18.33,6.19.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[7.0.10,7.1.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "generic", "value": "[7.1,*]"}}], "enrichment": {"confidence": 99.0, "confidence_source": "inferred", "scores": [{"score": 99.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "Linux", "source": "cna", "vendor": "Linux"}, "product": "linux_kernel", "vendor": "linux"}], "created": "2026-06-24T19:30:08.642946+00:00", "updated": "2026-06-28T14:45:17.268644+00:00", "vendors": ["linux", "linux$PRODUCT$linux_kernel"]}