{"cve":{"cve_id":"CVE-2026-53027","is_kev":false,"kev_date_added":null,"kev_vendor_project":null,"kev_product":null,"kev_vulnerability_name":null,"kev_short_description":null,"kev_required_action":null,"kev_due_date":null,"kev_known_ransomware":null,"kev_notes":null,"kev_cwes":null,"epss_score":null,"epss_percentile":null,"epss_as_of":null,"description":"In the Linux kernel, the following vulnerability has been resolved:\n\nfs/ntfs3: fix missing run load for vcn0 in attr_data_get_block_locked()\n\nWhen a compressed or sparse attribute has its clusters frame-aligned,\nvcn is rounded down to the frame start using cmask, which can result\nin vcn != vcn0. In this case, vcn and vcn0 may reside in different\nattribute segments.\n\nThe code already handles the case where vcn is in a different segment\nby loading its runs before allocation. However, it fails to load runs\nfor vcn0 when vcn0 resides in a different segment than vcn. This causes\nrun_lookup_entry() to return SPARSE_LCN for vcn0 since its segment was\nnever loaded into the in-memory run list, triggering the WARN_ON(1).\n\nFix this by adding a missing check for vcn0 after the existing vcn\nsegment check. If vcn0 falls outside the current segment range\n[svcn, evcn1), find and load the attribute segment containing vcn0\nbefore performing the run lookup.\n\nThe following scenario triggers the bug:\n  attr_data_get_block_locked()\n    vcn = vcn0 & cmask        <- vcn != vcn0 after frame alignment\n    load runs for vcn segment <- vcn0 segment not loaded!\n    attr_allocate_clusters()  <- allocation succeeds\n    run_lookup_entry(vcn0)    <- vcn0 not in run -> SPARSE_LCN\n    WARN_ON(1)                <- bug fires here!","published_at":"2026-06-24T16:29:35.740000Z","last_modified_at":null,"cvss_v3_score":null,"cvss_v3_vector":null,"cvss_v3_severity":null,"cvss_v4_score":null,"cvss_v4_vector":null,"cvss_v4_severity":null,"ssvc_decision":null,"ssvc_exploitation":null,"ssvc_automatable":null,"ssvc_technical_impact":null,"cwes":null,"nvd_references":["https://git.kernel.org/stable/c/2b4ae1ce613ade8a7e118fba4a5a77cd23e97e54","https://git.kernel.org/stable/c/d7ea8495fd307b58f8867acd81a1b40075b1d3ba"],"vuln_status":null,"trending_score":null,"is_trending":false,"has_trended":false,"trended_number_one":false,"trending_peak_score":null,"trending_peak_rank":null,"started_trending_at":null,"trended_number_one_at":null,"summary_generated":null,"summary_generated_at":null,"summary_model":null,"created_at":"2026-06-28T17:55:28.590503Z","updated_at":"2026-06-28T23:30:49.890169Z"},"effective_severity":null,"badges":[],"impact_analysis":[],"cvss_v3_decoded":{"version":null,"metrics":[]},"cvss_v4_decoded":{"version":null,"metrics":[]},"affected":[{"vendor_slug":"linux","vendor_name":"Linux","product_slug":"linux","product_name":"Linux","version_start":"c380b52f6c5702cc4bdda5e6d456d6c19a201a0b","version_start_inclusive":true,"version_end":"2b4ae1ce613ade8a7e118fba4a5a77cd23e97e54","version_end_inclusive":false,"cpe23_uri":"cve5:linux:linux:c380b52f6c5702cc4bdda5e6d456d6c19a201a0b:2b4ae1ce613ade8a7e118fba4a5a77cd23e97e54"},{"vendor_slug":"linux","vendor_name":"Linux","product_slug":"linux","product_name":"Linux","version_start":"c380b52f6c5702cc4bdda5e6d456d6c19a201a0b","version_start_inclusive":true,"version_end":"d7ea8495fd307b58f8867acd81a1b40075b1d3ba","version_end_inclusive":false,"cpe23_uri":"cve5:linux:linux:c380b52f6c5702cc4bdda5e6d456d6c19a201a0b:d7ea8495fd307b58f8867acd81a1b40075b1d3ba"},{"vendor_slug":"linux","vendor_name":"Linux","product_slug":"linux","product_name":"Linux","version_start":"406a037d93b769bca248476bd14bbe548dc1ec35","version_start_inclusive":true,"version_end":"406a037d93b769bca248476bd14bbe548dc1ec35","version_end_inclusive":true,"cpe23_uri":"cve5:linux:linux:406a037d93b769bca248476bd14bbe548dc1ec35:406a037d93b769bca248476bd14bbe548dc1ec35"},{"vendor_slug":"linux","vendor_name":"Linux","product_slug":"linux","product_name":"Linux","version_start":"6.1.132","version_start_inclusive":true,"version_end":"6.2","version_end_inclusive":false,"cpe23_uri":"cve5:linux:linux:6.1.132:6.2"},{"vendor_slug":"linux","vendor_name":"Linux","product_slug":"linux","product_name":"Linux","version_start":"6.2","version_start_inclusive":true,"version_end":"6.2","version_end_inclusive":true,"cpe23_uri":"cve5:linux:linux:6.2:6.2"},{"vendor_slug":"linux","vendor_name":"Linux","product_slug":"linux","product_name":"Linux","version_start":"0","version_start_inclusive":true,"version_end":"6.2","version_end_inclusive":false,"cpe23_uri":"cve5:linux:linux:0:6.2"},{"vendor_slug":"linux","vendor_name":"Linux","product_slug":"linux","product_name":"Linux","version_start":"7.0.10","version_start_inclusive":true,"version_end":"7.0.*","version_end_inclusive":true,"cpe23_uri":"cve5:linux:linux:7.0.10:7.0.*"},{"vendor_slug":"linux","vendor_name":"Linux","product_slug":"linux","product_name":"Linux","version_start":"7.1","version_start_inclusive":true,"version_end":"*","version_end_inclusive":true,"cpe23_uri":"cve5:linux:linux:7.1:*"}],"exploit_refs":[],"news":[],"references":[{"url":"https://git.kernel.org/stable/c/2b4ae1ce613ade8a7e118fba4a5a77cd23e97e54","source_type":"MISC","tags":[]},{"url":"https://git.kernel.org/stable/c/d7ea8495fd307b58f8867acd81a1b40075b1d3ba","source_type":"MISC","tags":[]}],"timeline":[{"type":"published","at":"2026-06-24T16:29:35.740000Z","label":"CVE published","source":null}]}