CVE-2026-46089 Linux CVE debrief

Who should care

System administrators running Linux systems with zram enabled for swap or compressed block storage; kernel maintainers and distribution packagers; developers of storage management tools that issue discard operations.

Technical summary

The zram compressed RAM block device driver in the Linux kernel contains a bug where partial discard requests are not properly completed. When a discard operation with a partial block size (e.g., 4KB on a system with 64KB pages) is submitted to /dev/zram0, the driver recognizes it cannot process the partial discard and returns early. However, it fails to call bio_endio() to signal completion, causing the submitting process to sleep indefinitely in submit_bio_wait(). The fix redirects the early return path to the end_bio label to ensure proper I/O completion.

Defensive priority

medium

Recommended defensive actions

• Apply kernel updates containing the referenced stable branch commits when available from your Linux distribution
• Monitor NVD for CVSS scoring once analysis is complete
• Review systems using zram for swap or compressed block storage
• Test blkdiscard operations on zram devices after patching to verify resolution

Evidence notes

CVE published 2026-05-27. Linux kernel stable branch commits provided as references. No CVSS score assigned; NVD status is Awaiting Analysis. Not listed in CISA KEV.

Official resources