CVE-2026-53015
N/A
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
erofs: unify lcn as u64 for 32-bit platforms
As sashiko reported [1], lcn was typed as unsigned long (or
unsigned int sometimes), which is only 32 bits wide on 32-bit
platforms, which causes (lcn << lclusterbits) to be truncated
at 4 GiB.
In order to consolidate the logic, just use u64 consistently
around the codebase.
[1] https://sashiko.dev/r/20260420034612.1899973-1-hsiangkao%40linux.alibaba.com
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 152a333a589560bee002e4c96761f1b560a5793c < 4fc9b12e43a3f19a01a8fb61f7961be79de20253 | affected |
| Linux | Linux | 152a333a589560bee002e4c96761f1b560a5793c < 858e4d98a86adf34584767388deb6c9b217f70c5 | affected |
| Linux | Linux | 152a333a589560bee002e4c96761f1b560a5793c < 582b0bf201157632cb5474c885989a6ebda46521 | affected |
| Linux | Linux | 152a333a589560bee002e4c96761f1b560a5793c < 2d8c7edcb661812249469f4a5b62e9339118846f | affected |
| Linux | Linux | 5.3 | affected |
| Linux | Linux | 0 < 5.3 | unaffected |
| Linux | Linux | 6.12.91 <= 6.12.* | unaffected |
| Linux | Linux | 6.18.33 <= 6.18.* | unaffected |
| Linux | Linux | 7.0.10 <= 7.0.* | unaffected |
| Linux | Linux | 7.1 <= * | unaffected |
Weaknesses
References
- https://git.kernel.org/stable/c/4fc9b12e43a3f19a01a8fb61f7961be79de20253
- https://git.kernel.org/stable/c/858e4d98a86adf34584767388deb6c9b217f70c5
- https://git.kernel.org/stable/c/582b0bf201157632cb5474c885989a6ebda46521
- https://git.kernel.org/stable/c/2d8c7edcb661812249469f4a5b62e9339118846f
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.