SUSE CVE-2026-46046

In the Linux kernel, the following vulnerability has been resolved: ext4: fix missing brelse in ext4xattrinodedecrefall The commit c8e008b60492 "ext4: ignore xattrs past end" introduced a refcount leak in when blockcsum is false. ext4xattrinodedecrefall calls ext4getinodeloc to get iloc.bh, but...

PT-2026-43913

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A refcount leak occurs in the ext4 filesystem when block csum is false. This happens because the function ext4 xattr inode dec ref all calls ext4 get inode loc to obtain iloc.bh but fail...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the function ext4xattr inodedecrefall not releasing iloc.bh properly, resulting in a leak of the...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ext4: fix mbcacheentry's erefcnt leak in ext4xattrblockcachefind Syzbot reports a warning as follows: ============================================ WARNING: CPU: 0 PID: 5075 at fs/mbcache.c:419 mbcachedestroy+0x224/0x290 Modules...

Astra Linux - уязвимость в linux-5.10, linux, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: ext4: fixed a task that was hung in ext4xattrdelete inode. Syzbot reported a problem with hung tasks: ================================================================== INFO: Task syz-executor232:5073 is blocked for more than...

EUVD-2026-5892

In the Linux kernel, the following vulnerability has been resolved: ext4: fix iloc.bh leak in ext4xattrinodeupdateref The error branch for ext4xattrinodeupdateref forget to release the refcount for iloc.bh. Find this when review code...

CVE-2026-23145

In the Linux kernel, the following vulnerability has been resolved: ext4: fix iloc.bh leak in ext4xattrinodeupdateref The error branch for ext4xattrinodeupdateref forget to release the refcount for iloc.bh. Find this when review code...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an error in the branch of the ext4xattr inodeupdateref function. This error fails to release the...

MiracleLinux 8 : kernel-4.18.0-240.el8 (AXSA:2021-1489:04)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-1489:04 advisory. kernel: use after free in the video driver leads to local privilege escalation CVE-2019-9458 kernel: use-after-free in drivers/bluetooth/hcildisc.c...

SUSE CVE-2025-68820

In the Linux kernel, the following vulnerability has been resolved: ext4: xattr: fix null pointer deref in ext4rawinode If ext4getinodeloc fails e.g. if it returns -EFSCORRUPTED, iloc.bh will remain set to NULL. Since ext4xattrinodedecrefall lacks error checking, this will lead to a null pointer...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003014)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003014 advisory. Linux kernel is vulnerable to a heap-based buffer overflow in the fs/ext4/xattr.c:ext4xattrsetentry function. An attacker could exploit this by operating on a mounte...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002925)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002925 advisory. Linux kernel is vulnerable to a heap-based buffer overflow in the fs/ext4/xattr.c:ext4xattrsetentry function. An attacker could exploit this by operating on a mounte...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002860)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002860 advisory. The ext4xattrcheckentries function in fs/ext4/xattr.c in the Linux kernel through 4.15.15 does not properly validate xattr sizes, which causes misinterpretation of a...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003268)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003268 advisory. The ext4xattrcheckentries function in fs/ext4/xattr.c in the Linux kernel through 4.15.15 does not properly validate xattr sizes, which causes misinterpretation of a...

CVE-2025-68820

In the Linux kernel, the following vulnerability has been resolved: ext4: xattr: fix null pointer deref in ext4rawinode If ext4getinodeloc fails e.g. if it returns -EFSCORRUPTED, iloc.bh will remain set to NULL. Since ext4xattrinodedecrefall lacks error checking, this will lead to a null pointer...

UBUNTU-CVE-2025-68820

In the Linux kernel, the following vulnerability has been resolved: ext4: xattr: fix null pointer deref in ext4rawinode If ext4getinodeloc fails e.g. if it returns -EFSCORRUPTED, iloc.bh will remain set to NULL. Since ext4xattrinodedecrefall lacks error checking, this will lead to a null pointer...

CVE-2025-68820 ext4: xattr: fix null pointer deref in ext4_raw_inode()

In the Linux kernel, the following vulnerability has been resolved: ext4: xattr: fix null pointer deref in ext4rawinode If ext4getinodeloc fails e.g. if it returns -EFSCORRUPTED, iloc.bh will remain set to NULL. Since ext4xattrinodedecrefall lacks error checking, this will lead to a null pointer...

Linux Distros Unpatched Vulnerability : CVE-2025-68820

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ext4: xattr: fix null pointer deref in ext4rawinode If ext4getinodeloc fails e.g. if it...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000468)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000468 advisory. The Linux kernel before 5.4.2 mishandles ext4expandextraisize, as demonstrated by use-after-free errors in ext4expandextraisize and ext4xattrsetentry, related to...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993213)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993213 advisory. In the Linux kernel, the following vulnerability has been resolved: ext4: fix task hung in ext4xattrdeleteinode Syzbot reported a hung task problem:...