PatchSiren cyber security CVE debrief
CVE-2026-31447 Linux CVE debrief
A vulnerability was found in the Linux kernel, specifically in the ext4 filesystem. The CVE record was published on 2026-04-22T14:16:38.577Z and has not been modified since then. The NVD entry is currently Modified. The vulnerability has a high CVSS score of 7.8 and is classified as HIGH severity. The issue arises from bigalloc with s_first_data_block != 0, which is not supported. Users of Linux kernel versions 3.2 to 7.0 (rc5) should be aware of this vulnerability.
- Vendor
- Linux
- Product
- Unknown
- CVSS
- HIGH 7.8
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-04-22
- Original CVE updated
- 2026-07-14
- Advisory published
- 2026-04-22
- Advisory updated
- 2026-07-14
Who should care
Users of Linux kernel versions 3.2 to 7.0 (rc5) should be aware of this vulnerability. Specifically, versions 3.2 to 5.10.253, 5.11 to 5.15.203, 5.16 to 6.1.168, 6.2 to 6.6.131, 6.7 to 6.12.80, 6.13 to 6.18.21, 6.19 to 6.19.11 are affected. Operators, platform administrators, vulnerability management teams, and security teams should prioritize patching.
Technical summary
The Linux kernel has a vulnerability in the ext4 filesystem that has been resolved. The issue is related to bigalloc with s_first_data_block != 0, which is not supported and causes the mount to be rejected. The CVSS score is 7.8 and the severity is HIGH. Affected Linux kernel versions include 3.2 to 5.10.253, 5.11 to 5.15.203, 5.16 to 6.1.168, 6.2 to 6.6.131, 6.7 to 6.12.80, 6.13 to 6.18.21, and 6.19 to 6.19.11. Users should apply patches from Linux kernel stable branches.
Defensive priority
High priority should be given to patching Linux kernel versions 3.2 to 7.0 (rc5) as the vulnerability has a high CVSS score of 7.8.
Recommended defensive actions
- Inventory and assess Linux kernel versions in use
- Apply patches from Linux kernel stable branches
- Monitor Linux kernel for any new patches or updates
- Consider compensating controls for affected systems
- Review and verify affected scope and severity with Linux kernel maintainers
- Track exceptions and retest remediated assets
- Check relevant monitoring, detection, and logs for exposed assets
Evidence notes
The CVE record was published on 2026-04-22T14:16:38.577Z and has not been modified since then. The NVD entry is currently Modified. The vulnerability affects Linux kernel versions 3.2 to 7.0 (rc5). Evidence is limited to public sources and may not be comprehensive. Defenders should verify affected scope and severity with Linux kernel maintainers and consider compensating controls.
Official resources
-
CVE-2026-31447 CVE record
CVE.org
-
CVE-2026-31447 NVD detail
NVD
-
Source item URL
nvd_modified
-
Mitigation or vendor reference
416baaa9-dc9f-4396-8d5f-8c081fb06d67 - Patch
-
Mitigation or vendor reference
416baaa9-dc9f-4396-8d5f-8c081fb06d67 - Patch
-
Mitigation or vendor reference
416baaa9-dc9f-4396-8d5f-8c081fb06d67 - Patch
-
Mitigation or vendor reference
416baaa9-dc9f-4396-8d5f-8c081fb06d67 - Patch
-
Mitigation or vendor reference
416baaa9-dc9f-4396-8d5f-8c081fb06d67 - Patch
-
Mitigation or vendor reference
416baaa9-dc9f-4396-8d5f-8c081fb06d67 - Patch
-
Mitigation or vendor reference
416baaa9-dc9f-4396-8d5f-8c081fb06d67 - Patch
AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-04-22T14:16:38.577Z and has not been modified since then. The NVD entry is currently Modified.