CVE-2026-46089
Published May 27, 2026
Modified May 27, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: zram: do not forget to endio for partial discard requests As reported by Qu Wenruo and Avinesh Kumar, the following getconf PAGESIZE 65536 blkdiscard -p 4k /dev/zram0 takes literally forever to complete. zram doesn't support partial discards and just returns immediately w/o doing any discard work in such cases. The problem is that we forget to endio on our way out, so blkdiscard sleeps forever in submit_bio_wait(). Fix this by jumping to end_bio label, which does bio_endio().
References
Other References
https://git.kernel.org/stable/c/2d1f18efccdb8b29552399d024c36b705447e975
https://git.kernel.org/stable/c/35d3300f6357cfaa72db2721dc2b345b19bac5df
https://git.kernel.org/stable/c/68ce397e8236088fc53b9532d383a722288c8194
https://git.kernel.org/stable/c/a02363f71a79b755daa78a70d6b217f9c13c8c85
https://git.kernel.org/stable/c/e3668b371329ea036ff022ce8ecc82f8befcf003
Frequently Asked Questions
What is CVE-2026-46089? +
In the Linux kernel, the following vulnerability has been resolved:
zram: do not forget to endio for partial discard requests
As reported by Qu Wenruo and Avinesh Kumar, the following
getconf PAGESIZE
65536
blkdiscard -p 4k /dev/zram0
takes literally forever to complete. zram doesn't support partial
discards and just returns immediately w/o doing any discard work in such
cases. The problem is that we forget to endio on our way out, so
blkdiscard sleeps forever in submit_bio_wait(). Fix this by jumping to
end_bio label, which does bio_endio().
How do I check if I'm vulnerable to CVE-2026-46089? +
You can use Secably's free Website Scanner to check your website for known vulnerabilities. For infrastructure scanning, use the Port Scanner to identify exposed services that may be affected. Check the vendor advisories linked above for specific patch and version information.