CVE-2026-31452

Published: April 22, 2026 · Updated: Apr 23, 2026

EPSS: 0.02% probability of exploitation in 30 days · Percentile: 6.8th

Official Description

In the Linux kernel, the following vulnerability has been resolved:

ext4: convert inline data to extents when truncate exceeds inline size

Add a check in ext4_setattr() to convert files from inline data storage to extent-based storage when truncate() grows the file size beyond the inline capacity. This prevents the filesystem from entering an inconsistent state where the inline data flag is set but the file size exceeds what can be stored inline.

Without this fix, the following sequence causes a kernel BUG_ON():

1. Mount filesystem with inode that has inline flag set and small size
2. truncate(file, 50MB) - grows size but inline flag remains set
3. sendfile() attempts to write data
4. ext4_write_inline_data() hits BUG_ON(write_size > inline_capacity)

The crash occurs because ext4_write_inline_data() expects inline storage to accommodate the write, but the actual inline capacity (~60 bytes for i_block + ~96 bytes for xattrs) is far smaller than the file size and write request.

The fix checks if the new size from setattr exceeds the inode's actual inline capacity (EXT4_I(inode)->i_inline_size) and converts the file to extent-based storage before proceeding with the size change.

This addresses the root cause by ensuring the inline data flag and file size remain consistent during truncate operations.

NVD Source
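
The invariant the description relies on (inline flag set implies the size fits the inline capacity) can be seen in a small userspace C model. This is an added example, not kernel code and not taken from the patch; every type and function name in it is hypothetical, and the capacity and sizes are sample values built from the approximate figures in the description.

```c
/* Userspace model of the inline-data invariant; NOT kernel code.
 * All names here (model_inode, model_setattr, ...) are hypothetical. */
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

struct model_inode {
    bool   inline_flag; /* stands in for the inline data flag */
    size_t inline_cap;  /* stands in for EXT4_I(inode)->i_inline_size */
    size_t size;        /* file size */
};
enum write_result { WRITE_EXTENT_OK, WRITE_INLINE_OK, WRITE_WOULD_BUG };

/* Size change via setattr. With fixed=true, growing past the inline
 * capacity converts the file to extent-based storage first. */
static void model_setattr(struct model_inode *ino, size_t new_size, bool fixed)
{
    if (fixed && ino->inline_flag && new_size > ino->inline_cap) {
        ino->inline_flag = false; /* conversion to extents (modelled) */
        ino->inline_cap = 0;
    }
    ino->size = new_size;
}

/* Invariant the fix maintains: inline flag set => size fits inline. */
static bool model_consistent(const struct model_inode *ino)
{
    return !ino->inline_flag || ino->size <= ino->inline_cap;
}

/* Only the condition from step 4: reports where BUG_ON() would fire
 * instead of aborting. Real write-path logic is not modelled. */
static enum write_result model_write(const struct model_inode *ino, size_t len)
{
    if (!ino->inline_flag)
        return WRITE_EXTENT_OK;
    return len > ino->inline_cap ? WRITE_WOULD_BUG : WRITE_INLINE_OK;
}

int main(void)
{
    /* Constructed sample: ~60 + ~96 bytes capacity, 50 MB truncate. */
    for (int fixed = 0; fixed <= 1; fixed++) {
        struct model_inode ino = { true, 60 + 96, 10 };
        model_setattr(&ino, (size_t)50 << 20, fixed);
        printf("fixed=%d consistent=%d write=%d\n", fixed,
               model_consistent(&ino), model_write(&ino, 4096));
    }
    return 0;
}
```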

Technical Analysis

CVE-2026-31452 requires local access, meaning attackers must already have a foothold on the target system.

Exploitation requires some privileges, which limits the exposure to scenarios where an attacker has already gained initial access.

Affected Vendors & Products

Mentioned vendors (from description): Linux
CPE data not yet available in NVD for this CVE.

Exploit & PoC Resources

NO KNOWN EXPLOIT: No public exploit confirmed at this time

Quick Facts

CVE ID: CVE-2026-31452
Severity: NONE
CISA KEV: No
EPSS (30d): 0.02%
Published: Apr 22, 2026

Recommended Actions

  • Apply vendor patches immediately
  • Monitor CVE-2026-31452 in threat intel feeds
  • Review IDS/IPS signatures for exploitation attempts
Data sourced from NVD (NIST), CISA KEV, and EPSS (FIRST). Analysis generated by CTIWATCH.COM. CVE data is provided under the NVD usage policy.