CVE-2026-43068

Linux kernel ext4: CVE-2026-43068 stems from a bug that could cause allocation of blocks from a corrupted block group, leading to repeated delayed block allocation failures and potential data loss. The issue arises in ext4_mb_find_by_goal() through ext4_mb_load_buddy and related bitmap checks, wh...

CVE-2026-43067 ext4: handle wraparound when searching for blocks for indirect mapped blocks

In the Linux kernel, the following vulnerability has been resolved: ext4: handle wraparound when searching for blocks for indirect mapped blocks Commit 4865c768b563 "ext4: always allocate blocks only from groups inode can use" restricts what blocks will be allocated for indirect block based files...

CVE-2026-43067

In the Linux kernel, the following vulnerability has been resolved: ext4: handle wraparound when searching for blocks for indirect mapped blocks Commit 4865c768b563 "ext4: always allocate blocks only from groups inode can use" restricts what blocks will be allocated for indirect block based files...

CVE-2026-43067

Summary of CVE-2026-43067 (Linux kernel, ext4): A wraparound issue in block allocation for indirect-mmapped files could permit referencing blocks beyond the 32-bit block-number limit. The described root cause involves how ext4 allocates blocks for indirect-based files and how grouping logic could...

CVE-2026-43065 ext4: always drain queued discard work in ext4_mb_release()

In the Linux kernel, the following vulnerability has been resolved: ext4: always drain queued discard work in ext4mbrelease While reviewing recent ext4 patch1, Sashiko raised the following concern2: If the filesystem is initially mounted with the discard option, deleting files will populate...

CVE-2026-43066

CVE-2026-43066: In Linux kernel ext4_fc_replay_inode(), iloc.bh leak could occur on error paths due to missing brelse at several failure points. The patch adds an out_brelse label before the existing out label to ensure iloc.bh is released, and also makes ext4_fc_replay_inode() propagate errors i...

CVE-2026-43066

In the Linux kernel, the following vulnerability has been resolved: ext4: fix iloc.bh leak in ext4fcreplayinode error paths During code review, Joseph found that ext4fcreplayinode calls ext4getfcinodeloc to get the inode location, which holds a reference to iloc.bh that must be released via brels...

CVE-2026-43065

In the Linux kernel, the following vulnerability has been resolved: ext4: always drain queued discard work in ext4mbrelease While reviewing recent ext4 patch1, Sashiko raised the following concern2: If the filesystem is initially mounted with the discard option, deleting files will populate...

CVE-2026-43065

CVE-2026-43065 concerns the Linux kernel ext4 subsystem. The issue arises in ext4_mb_release() where, if a filesystem is mounted with -o discard and files are deleted, sbi->s_discard_list accumulates and s_discard_work is queued; if the filesystem is later remounted with nodiscard and the EXT4...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the ext4mbfindbygoal function potentially allocating blocks from a damaged group, which could lea...

PT-2026-37069

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak occurs in the ext4 file system within the ext4 fc replay inode function. The function calls ext4 get fc inode loc to obtain the inode location, which creates a reference to...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from ext4’s failure to handle circular issues when searching for indirectly mapped blocks. This could...

PT-2026-37070

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the ext4 file system regarding the handling of wraparound when searching for blocks for indirect mapped blocks. In environments where a file system contains both...

Linux Distros Unpatched Vulnerability : CVE-2026-43068

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ext4: avoid allocate block from corrupted group in ext4mbfindbygoal There's issue as follows: ... EXT4-fs mmcblk0p1: Delayed block allocation failed for inode...

Linux Distros Unpatched Vulnerability : CVE-2026-43066

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ext4: fix iloc.bh leak in ext4fcreplayinode error paths During code review, Joseph found that ext4fcreplayinode calls ext4getfcinodeloc to get the inode locatio...

Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ext4: fix invalid free tracking in ext4xattrMoveToBlock In ext4xattrMoveToBlock, the value of the extended attribute that we need to move to an external block may be allocated by kvmalloc if the value is stored in an external...

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: ext4: Turn quotas off if mount fails after enabling quotas Yi discovered during a review of the patch “ext4: Don’t report errors with inconsistent journal features” that when ext4markrecoverycomplete returns an error value, the...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: ext4: Fixed an inode leak in ext4xattrinodecreate, which occurs on an error path. There is a issue when using setxattr with a fault injection: localhost fsck.ext4 -fn /dev/sda e2fsck 1.46.6-rc1 12-Sep-2022 Pass 1: Checking...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ext4: fixed a warning in ext4iomapbegin due to a race between bmap and write The issue occurs as follows: ------------ cut here ------------ WARNING: CPU: 3 PID: 9310 at fs/ext4/inode.c:3441 ext4iomapbegin+0x182/0x5d0 RIP:...

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ext4: fix potential out of bound read in ext4fcreplayscan For scan loop must ensure that at least EXT4FCTAGBASELEN space. If remain space less than EXT4FCTAGBASELEN which will lead to out of bound read when mounting corrupt file...