CVE-2026-46005 Linux CVE debrief

Who should care

Linux system administrators running XFS with DAX-enabled storage, kernel maintainers, and organizations using persistent memory or DAX-capable block devices with XFS filesystems.

Technical summary

The xfs_alloc_buftarg() function in the Linux kernel's XFS filesystem driver failed to release a DAX device reference on error paths, causing a resource leak. The fix adds fs_put_dax() to properly drop the reference when buffer target allocation fails. This affects systems using DAX (Direct Access) with XFS filesystems.

Defensive priority

medium

Recommended defensive actions

• Apply kernel updates containing the xfs_alloc_buftarg() fix when available from your Linux distribution
• Monitor for stable kernel backports referencing commits 28a6c132b8c6, 29a7b2614357, 5804cb507233, 5c293a1e1ef0, or 82fb9da6477d
• Review systems using DAX-enabled XFS filesystems for potential resource exhaustion indicators
• Validate XFS mount operations complete successfully without error path triggering
• Consider disabling DAX on XFS filesystems where not strictly required until patched
• Audit kernel logs for xfs_alloc_buftarg failure patterns that might indicate exploitation attempts

Evidence notes

The CVE description confirms this is a resource leak fix in xfs_alloc_buftarg() where fs_put_dax() was missing from error paths. Multiple stable kernel commits are referenced, indicating backports across kernel versions. The fix adds proper DAX device reference cleanup when buffer target allocation fails.

Official resources