PT-2026-43913

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A refcount leak occurs in the ext4 filesystem when block csum is false. This happens because the function ext4 xattr inode dec ref all calls ext4 get inode loc to obtain iloc.bh but fail...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: ext4: Mitigation of the issue where the EA inode refcount may underflow during xattr updates. Syzkaller identified a path in the ext4xattrinodeupdateref function where the refcount of EA inodes is checked. If the refcount is...

SUSE CVE-2025-40190

In the Linux kernel, the following vulnerability has been resolved: ext4: guard against EA inode refcount underflow in xattr update syzkaller found a path where ext4xattrinodeupdateref reads an EA inode refcount that is already ref underflow: refcount=-1 refchange=-1 EXT4-fs warning: eainode dec...

EUVD-2025-150384

In the Linux kernel, the following vulnerability has been resolved: ext4: guard against EA inode refcount underflow in xattr update syzkaller found a path where ext4xattrinodeupdateref reads an EA inode refcount that is already ref underflow: refcount=-1 refchange=-1 EXT4-fs warning: eainode dec...

DEBIAN-CVE-2025-40190

In the Linux kernel, the following vulnerability has been resolved: ext4: guard against EA inode refcount underflow in xattr update syzkaller found a path where ext4xattrinodeupdateref reads an EA inode refcount that is already ref underflow: refcount=-1 refchange=-1 EXT4-fs warning: eainode dec...

CVE-2025-40190

The CVE-2025-40190 entry concerns the Linux kernel ext4: guard against EA inode refcount underflow in xattr update. The root cause was a path where ext4_xattr_inode_update_ref() could read an EA inode refcount already