PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-45974 Linux CVE debrief

A vulnerability in the Linux kernel's Btrfs filesystem could allow invalid memory access during quota enablement operations. The flaw occurs in btrfs_quota_enable() when btrfs_search_slot_for_read() returns 1, indicating no matching key was found and the end of the tree has been reached. In this case, the code path fails to properly break from the loop, leading to subsequent access of an invalid path structure. This represents a logic error where the return value indicating search exhaustion is not handled correctly, potentially resulting in out-of-bounds or use-after-free access patterns depending on the state of the path structure. The vulnerability is confined to the quota enablement code path and requires administrative privileges to trigger. Multiple stable kernel branches have received patches to address this issue.

Vendor: Linux
Product: Unknown
CVSS: Unknown
CISA KEV: Not listed in stored evidence
Original CVE published: 2026-05-27
Original CVE updated: 2026-05-27
Advisory published: 2026-05-27
Advisory updated: 2026-05-27

Who should care

  • Linux system administrators running Btrfs filesystems with quota functionality enabled
  • Security teams tracking kernel-level filesystem vulnerabilities
  • Organizations with infrastructure dependent on Btrfs for storage management

Technical summary

The vulnerability exists in fs/btrfs/qgroup.c in the btrfs_quota_enable() function. When iterating through the filesystem tree to locate reference keys, btrfs_search_slot_for_read() may return 1 to indicate that no key greater than or equal to the search key exists, i.e. the end of the tree has been reached. The existing code does not check for this return value and continues processing, resulting in access to an invalid path structure. The fix adds a check that breaks out of the loop when this condition occurs. The issue affects multiple stable kernel branches and has been patched across the 5.4, 5.10, 5.15, 6.1, 6.6, 6.10, and 6.11-rc series.

Defensive priority

medium

Recommended defensive actions

  • Apply kernel updates from your Linux distribution that include the Btrfs quota fix for CVE-2026-45974
  • Verify running kernel version is at or above patched versions: 5.4.284, 5.10.225, 5.15.166, 6.1.107, 6.6.48, 6.10.7, or 6.11-rc4
  • Monitor distribution security advisories for kernel package availability
  • Review systems with Btrfs quotas enabled for any anomalous behavior during quota operations
  • Consider disabling Btrfs quotas temporarily on critical systems if patching is delayed and quota functionality is not required
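The version check in the second action above, written out as a small POSIX shell helper. This is an added example, not a script from PatchSiren or from the kernel project: it compares the upstream version number in a release string such as the output of uname -r against the patched stable versions listed in this debrief (5.4.284, 5.10.225, 5.15.166, 6.1.107, 6.6.48, 6.10.7). The 6.11-rc4 entry is deliberately left out, since rc tags do not compare as a patch level, and releases on branches not in the list are reported as "consult your distribution" rather than guessed at. Distribution kernels that backport fixes without bumping the upstream version will be reported as unpatched by this check, so it is a first screen, not a substitute for the distribution's own advisory.

```shell
#!/bin/sh
# Added example (not from the advisory): compare a running kernel release
# against the patched stable versions the advisory lists for CVE-2026-45974.
# Only the upstream version number is compared; distributions that backport
# fixes without bumping the version must be checked via their own advisory.

# Patched version for a stable branch (major.minor), as listed in the advisory.
# 6.11-rc4 is omitted because an rc tag is not a comparable patch level.
patched_for_branch() {
    case "$1" in
        5.4)  echo 5.4.284 ;;
        5.10) echo 5.10.225 ;;
        5.15) echo 5.15.166 ;;
        6.1)  echo 6.1.107 ;;
        6.6)  echo 6.6.48 ;;
        6.10) echo 6.10.7 ;;
        *)    echo "" ;;
    esac
}

# Exit status: 0 = at or above the patched version for its branch,
#              1 = older than the patched version,
#              2 = branch not in the advisory's list (consult your distribution).
kernel_is_patched() {
    ver=${1%%-*}                        # drop "-generic", "-rc4", "-arch1-1", ...
    ver=${ver%%+*}                      # drop "+" build suffixes
    major=$(printf '%s\n' "$ver" | cut -d. -f1)
    minor=$(printf '%s\n' "$ver" | cut -d. -f2)
    patch=$(printf '%s\n' "$ver" | cut -d. -f3)
    patch=${patch:-0}                   # "6.11" with no third field counts as .0
    need=$(patched_for_branch "$major.$minor")
    [ -n "$need" ] || return 2
    need_patch=${need##*.}              # third field of the patched version
    [ "$patch" -ge "$need_patch" ] && return 0
    return 1
}

# Prints a verdict for one release string and returns the same status code.
check_kernel() {
    kernel_is_patched "$1"
    rc=$?
    case $rc in
        0) echo "$1: at or above the patched version for its branch" ;;
        1) echo "$1: OLDER than the patched version, update required" ;;
        2) echo "$1: branch not in the advisory list, consult your distribution advisory" ;;
    esac
    return $rc
}

# Usage: check the kernel this script is running on.
check_kernel "$(uname -r)"
```

Run it on each Btrfs host, or feed check_kernel the release strings collected by your inventory tooling; a status of 1 means the host should be scheduled for the kernel update, and a status of 2 means the branch needs a manual look at the distribution's advisory.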

Evidence notes

Vulnerability description sourced from official CVE record and NVD entry. Patch commits identified in kernel.org stable repositories. No CVSS score or severity rating has been assigned by NVD as of the modified date.

Official resources

2026-05-27