CVE-2026-45858 Affecting perf6.18-debuginfo package, versions <1:6.18.15-14.217.amzn2023


Severity

Recommended
high

Based on Amazon Linux security rating.

Threat Intelligence

EPSS
0.16% (6th percentile)

  • Snyk ID: SNYK-AMZN2023-PERF618DEBUGINFO-17407047
  • published: 23 Jun 2026
  • disclosed: 27 May 2026

Introduced: 27 May 2026

CVE-2026-45858

How to fix?

Upgrade Amazon-Linux:2023 perf6.18-debuginfo to version 1:6.18.15-14.217.amzn2023 or higher.
This issue was patched in ALAS2023-2026-1514.

NVD Description

Note: Versions mentioned in the description apply only to the upstream perf6.18-debuginfo package and not the perf6.18-debuginfo package as distributed by Amazon-Linux. See How to fix? for Amazon-Linux:2023 relevant fixed versions and status.

In the Linux kernel, the following vulnerability has been resolved:

ext4: don't zero the entire extent if EXT4_EXT_DATA_PARTIAL_VALID1

When allocating initialized blocks from a large unwritten extent, or when splitting an unwritten extent during end I/O and converting it to initialized, there is currently a potential issue of stale data if the extent needs to be split in the middle.

   0  A      B  N
   [UUUUUUUUUUUU]    U: unwritten extent
   [--DDDDDDDD--]    D: valid data
      |<-  ->| ----> this range needs to be initialized

ext4_split_extent() first tries to split this extent at B with the EXT4_EXT_DATA_ENTIRE_VALID1 and EXT4_EXT_MAY_ZEROOUT flags set, but ext4_split_extent_at() fails to split this extent due to a temporary lack of space. It zeroes out B to N and marks the entire extent from 0 to N as written.

   0  A      B  N
   [WWWWWWWWWWWW]    W: written extent
   [SSDDDDDDDDZZ]    Z: zeroed, S: stale data

ext4_split_extent() then tries to split this extent at A with the EXT4_EXT_DATA_VALID2 flag set. This time, it splits successfully and leaves a stale written extent from 0 to A.

   0  A      B   N
   [WW|WWWWWWWWWW]
   [SS|DDDDDDDDZZ]

Fix this by passing EXT4_EXT_DATA_PARTIAL_VALID1 to ext4_split_extent_at() when splitting at B: don't convert the entire extent to written, and leave it as unwritten after zeroing out B to N. The remaining work is just like the standard two-part split. ext4_split_extent() will pass the EXT4_EXT_DATA_VALID2 flag when it calls ext4_split_extent_at() for the second time, allowing it to properly handle the split. If the split is successful, it will keep the extent from 0 to A as unwritten.
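
The sequence described above, as a small user-space model that counts blocks left marked written while still holding stale data, before and after the fix. This is an added example, not kernel code and not part of the advisory: the arrays, function names and block counts (taken from the diagrams) are assumptions for illustration, and only the flag names in the comments come from the description.

```c
/* Simplified user-space model of the split sequence described above.
 * Not kernel code: the arrays and function names are assumptions made for
 * illustration; only the flag names in the comments come from the text. */
#include <stdio.h>
#include <string.h>
enum { EXT_LEN = 12, DATA_START = 2, DATA_END = 10 };  /* N, A, B as drawn */

struct extent_model {
    char data[EXT_LEN];   /* 'S' stale, 'D' valid data, 'Z' zeroed */
    char state[EXT_LEN];  /* 'U' unwritten, 'W' written */
};

/* Run both split attempts on a fresh extent.
 * fixed == 0: the failed split at B marks the whole extent written
 *             (EXT4_EXT_DATA_ENTIRE_VALID1 behaviour described above).
 * fixed == 1: the extent stays unwritten after zeroing B..N
 *             (EXT4_EXT_DATA_PARTIAL_VALID1). */
static void split_and_convert(struct extent_model *m, int fixed)
{
    memset(m->state, 'U', EXT_LEN);                 /* large unwritten extent */
    memset(m->data, 'S', EXT_LEN);                  /* old on-disk contents */
    memset(m->data + DATA_START, 'D', DATA_END - DATA_START);  /* I/O to A..B */
    /* Split at B fails for lack of space, so B..N is zeroed out instead. */
    memset(m->data + DATA_END, 'Z', EXT_LEN - DATA_END);
    if (!fixed)
        memset(m->state, 'W', EXT_LEN);

    /* Split at A (EXT4_EXT_DATA_VALID2) succeeds; model assumption: the
     * part from A onward ends up written, 0..A keeps its current state. */
    memset(m->state + DATA_START, 'W', EXT_LEN - DATA_START);
}

/* Blocks that are marked written (readable) but still hold stale data. */
int stale_written_blocks(int fixed)
{
    struct extent_model m;
    int i, count = 0;
    split_and_convert(&m, fixed);
    for (i = 0; i < EXT_LEN; i++)
        count += (m.state[i] == 'W' && m.data[i] == 'S');
    return count;
}

int main(void)
{
    printf("before fix: %d, after fix: %d stale written blocks\n",
           stale_written_blocks(0), stale_written_blocks(1));
    return 0;
}
```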

CVSS Base Scores

version 3.1