CVE-2023-54305

CVE-2023-54305 is a Linux kernel/ext4 vulnerability where the ea block expansion could access s_root while it is NULL during unmount, risking a kernel panic. Public descriptions across NVD/Red Hat/SUSE/osv entries confirm the issue and its resolution in the kernel, not in user space. The fix prev...

CVE-2023-54305 ext4: refuse to create ea block when umounted

In the Linux kernel, the following vulnerability has been resolved: ext4: refuse to create ea block when umounted The ea block expansion need to access sroot while it is already set as NULL when umount is triggered. Refuse this request to avoid panic...

CVE-2022-50845 ext4: fix inode leak in ext4_xattr_inode_create() on an error path

In the Linux kernel, the following vulnerability has been resolved: ext4: fix inode leak in ext4xattrinodecreate on an error path There is issue as follows when do setxattr with inject fault: localhost fsck.ext4 -fn /dev/sda e2fsck 1.46.6-rc1 12-Sep-2022 Pass 1: Checking inodes, blocks, and sizes...

CVE-2022-50845

In the Linux kernel, the following vulnerability has been resolved: ext4: fix inode leak in ext4xattrinodecreate on an error path There is issue as follows when do setxattr with inject fault: localhost fsck.ext4 -fn /dev/sda e2fsck 1.46.6-rc1 12-Sep-2022 Pass 1: Checking inodes, blocks, and sizes...

CVE-2022-50845 ext4: fix inode leak in ext4_xattr_inode_create() on an error path

In the Linux kernel, the following vulnerability has been resolved: ext4: fix inode leak in ext4xattrinodecreate on an error path There is issue as follows when do setxattr with inject fault: localhost fsck.ext4 -fn /dev/sda e2fsck 1.46.6-rc1 12-Sep-2022 Pass 1: Checking inodes, blocks, and sizes...

CVE-2023-54177 quota: fix warning in dqgrab()

In the Linux kernel, the following vulnerability has been resolved: quota: fix warning in dqgrab There's issue as follows when do fault injection: WARNING: CPU: 1 PID: 14870 at include/linux/quotaops.h:51 dquotdisable+0x13b7/0x18c0 Modules linked in: CPU: 1 PID: 14870 Comm: fsconfig Not tainted...

CVE-2023-54177 quota: fix warning in dqgrab()

In the Linux kernel, the following vulnerability has been resolved: quota: fix warning in dqgrab There's issue as follows when do fault injection: WARNING: CPU: 1 PID: 14870 at include/linux/quotaops.h:51 dquotdisable+0x13b7/0x18c0 Modules linked in: CPU: 1 PID: 14870 Comm: fsconfig Not tainted...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-992219)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992219 advisory. In the Linux kernel, the following vulnerability has been resolved: ext4: fix task hung in ext4xattrdeleteinode Syzbot reported a hung task problem:...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992567)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992567 advisory. In the Linux kernel, the following vulnerability has been resolved: ext4: block range must be validated before use in ext4mbclearbb Block range to free is validated ...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992362)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992362 advisory. In the Linux kernel, the following vulnerability has been resolved: ext4: Fix function prototype mismatch for ext4featktype With clang's kernel control flow integrit...

PT-2025-54006

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.3.0-next-20230505-00006-g5107a9c821af Description The Linux kernel contains an issue within the quota handling mechanism. A warning can occur in the dqgrab function during fault injection scenarios involving...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the ext4xattrinodecreate error path not freeing an inode, which could lead to an inode leak...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992284)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992284 advisory. In the Linux kernel, the following vulnerability has been resolved: ext4: fix delayed allocation bug in ext4clumapped for bigalloc + inline When converting files wit...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992339)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992339 advisory. In the Linux kernel, the following vulnerability has been resolved: ext4: fix warning in ext4iomapbegin as race between bmap and write We got issue as follows:...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-992181)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992181 advisory. In the Linux kernel, the following vulnerability has been resolved: ext4: fix WARNING in mbfindextent Syzbot found the following issue: EXT4-fs: Warning: mounting wi...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992425)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992425 advisory. In the Linux kernel, the following vulnerability has been resolved: ext4: avoid resizing to a partial cluster size This patch avoids an attempt to resize the...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-992208)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992208 advisory. In the Linux kernel, the following vulnerability has been resolved: ext4: fix WARNING in ext4updateinlinedata Syzbot found the following issue: EXT4-fs loop0: mount...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992588)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992588 advisory. In the Linux kernel, the following vulnerability has been resolved: ext4: zero idisksize when initializing the bootloader inode If the boot loader inode has never...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-992504)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992504 advisory. In the Linux kernel, the following vulnerability has been resolved: ext4: add bounds checking in getmaxinlinexattrvaluesize Normally the extended attributes in the...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992207)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992207 advisory. In the Linux kernel, the following vulnerability has been resolved: ext4: init quota for 'old.inode' in 'ext4rename' Syzbot found the following issue: ext4parseparam...