Lucene search
K

5184 matches found

ATTACKERKB
ATTACKERKB
added 2026/06/03 12:0 a.m.6 views

CVE-2025-70100

A divide-by-zero vulnerability in the ext4blocksetlbsize function in src/ext4blockdev.c of the lwext4 1.0.0 library allows attackers to cause a denial of service by providing a malformed ext4 filesystem image that results in a zero logical block size. The vulnerability is triggered during mount o...

5.8AI score0.00155EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2026/06/03 12:0 a.m.19 views

PT-2026-45935

Name of the Vulnerable Software and Affected Versions lwext4 version 1.0.0 Description An out-of-bounds read exists in the ext4 ext binsearch idx function within the src/ext4 extent.c file. This occurs because extent header fields are not sufficiently validated before a binary search is performed...

6.5CVSS5.4AI score0.0028EPSS
Exploits1References8
CVE
CVE
added 2026/06/03 12:0 a.m.20 views

CVE-2025-70100

CVE-2025-70100 affects lwext4 1.0.0. A divide-by-zero in ext4_block_set_lb_size (src/ext4_blockdev.c) can cause denial of service when processing a malformed ext4 image, triggering a Floating-Point Exception or crash due to missing lb_size validation during mount/image handling. Connected sources...

5.5CVSS5.8AI score0.00155EPSS
Exploits1References4Affected Software1
RedhatCVE
RedhatCVE
added 2026/06/02 4:1 p.m.14 views

CVE-2025-70099

A NULL pointer dereference in the ext4direngetnamelen function in include/ext4dir.h of lwext4 1.0.0 allows attackers to cause a denial of service by supplying a specially crafted EXT4 filesystem image with malformed directory entries. During directory iteration, the code may fail to validate the...

7.5CVSS5.9AI score0.0035EPSS
Exploits0References1
NVD
NVD
added 2026/06/01 9:16 p.m.15 views

CVE-2025-70099

A NULL pointer dereference in the ext4direngetnamelen function in include/ext4dir.h of lwext4 1.0.0 allows attackers to cause a denial of service by supplying a specially crafted EXT4 filesystem image with malformed directory entries. During directory iteration, the code may fail to validate the...

7.5CVSS0.0035EPSS
Exploits0References4
CVE
CVE
added 2026/06/01 12:0 a.m.20 views

CVE-2025-70099

CVE-2025-70099 : The Red Hat/NVD entries describe a NULL pointer dereference in lwext4 1.0.0 within ext4_dir_en_get_name_len (include/ext4_dir.h). During directory iteration, the code may not validate the directory entry pointer before accessing name_len, allowing a segmentation fault and denial ...

7.5CVSS5.9AI score0.0035EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/06/01 12:0 a.m.12 views

CVE-2025-70099

A NULL pointer dereference in the ext4direngetnamelen function in include/ext4dir.h of lwext4 1.0.0 allows attackers to cause a denial of service by supplying a specially crafted EXT4 filesystem image with malformed directory entries. During directory iteration, the code may fail to validate the...

5.9AI score0.0035EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/01 12:0 a.m.26 views

PT-2026-45548

A NULL pointer dereference in the ext4 dir en get name len function in include/ext4 dir.h of lwext4 1.0.0 allows attackers to cause a denial of service by supplying a specially crafted EXT4 filesystem image with malformed directory entries. During directory iteration, the code may fail to validat...

7.5CVSS5.9AI score0.0035EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/06/01 12:0 a.m.33 views

CVE-2025-70099

A NULL pointer dereference in the ext4direngetnamelen function in include/ext4dir.h of lwext4 1.0.0 allows attackers to cause a denial of service by supplying a specially crafted EXT4 filesystem image with malformed directory entries. During directory iteration, the code may fail to validate the...

0.0035EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/05/28 8:50 p.m.15 views

CVE-2026-46094

A flaw was found in the Linux kernel's ext4 filesystem, specifically in the checkxattrs function. A local attacker could exploit a bounds check error, allowing an out-of-bounds read when processing extended attributes xattrs. This could lead to memory corruption, potentially causing a denial of...

7.1CVSS5.8AI score0.00125EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/05/28 4:32 a.m.10 views

CVE-2026-45858

A flaw was found in the Linux kernel's ext4 filesystem. This vulnerability occurs during the splitting of unwritten data blocks, where a portion of the data may be incorrectly marked as written while still containing stale, uninitialized information. A local attacker could potentially exploit thi...

7CVSS5.8AI score0.00155EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/05/28 3:57 a.m.12 views

SUSE CVE-2026-45858

In the Linux kernel, the following vulnerability has been resolved: ext4: don't zero the entire extent if EXT4EXTDATAPARTIALVALID1 When allocating initialized blocks from a large unwritten extent, or when splitting an unwritten extent during end I/O and converting it to initialized, there is...

5.7AI score0.00155EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/28 3:56 a.m.10 views

SUSE CVE-2026-45892

In the Linux kernel, the following vulnerability has been resolved: ext4: drop extent cache after doing PARTIALVALID1 zeroout When splitting an unwritten extent in the middle and converting it to initialized in ext4splitextent with the EXT4EXTMAYZEROOUT and EXT4EXTDATAVALID2 flags set, it could...

5.7AI score0.00155EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/28 3:56 a.m.11 views

SUSE CVE-2026-45899

In the Linux kernel, the following vulnerability has been resolved: ext4: drop extent cache when splitting extent fails When the split extent fails, we might leave some extents still being processed and return an error directly, which will result in stale extent entries remaining in the extent...

5.8AI score0.0016EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/28 3:56 a.m.12 views

SUSE CVE-2026-45920

In the Linux kernel, the following vulnerability has been resolved: ext4: fix dirtyclusters double decrement on fs shutdown fstests test generic/388 occasionally reproduces a warning in ext4putsuper associated with the dirty clusters count: WARNING: CPU: 7 PID: 76064 at fs/ext4/super.c:1324...

5.7AI score0.00146EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/28 3:55 a.m.11 views

SUSE CVE-2026-45942

In the Linux kernel, the following vulnerability has been resolved: ext4: fix e4b bitmap inconsistency reports A bitmap inconsistency issue was observed during stress tests under mixed huge-page workloads. Ext4 reported multiple e4b bitmap check failures like: ext4mbcomplexscangroup:2508: group...

7.8CVSS5.7AI score0.00099EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/28 3:55 a.m.10 views

SUSE CVE-2026-45948

In the Linux kernel, the following vulnerability has been resolved: ext4: fix memory leak in ext4extshiftextents In ext4extshiftextents, if the extent is NULL in the while loop, the function returns immediately without releasing the path obtained via ext4findextent, leading to a memory leak. Fix...

5.5CVSS5.8AI score0.0016EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/28 3:54 a.m.12 views

SUSE CVE-2026-45985

In the Linux kernel, the following vulnerability has been resolved: ext4: don't set EXT4GETBLOCKSCONVERT when splitting before submitting I/O When allocating blocks during within-EOF DIO and writeback with dioreadnolock enabled, EXT4GETBLOCKSPREIO was set to split an existing large unwritten...

5.8AI score0.00123EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/28 3:53 a.m.11 views

SUSE CVE-2026-46046

In the Linux kernel, the following vulnerability has been resolved: ext4: fix missing brelse in ext4xattrinodedecrefall The commit c8e008b60492 "ext4: ignore xattrs past end" introduced a refcount leak in when blockcsum is false. ext4xattrinodedecrefall calls ext4getinodeloc to get iloc.bh, but...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/05/28 3:0 a.m.15 views

CVE-2026-45892

A flaw was found in the Linux kernel's ext4 filesystem. This vulnerability occurs during certain buffered write operations when splitting unwritten data blocks, known as extents. A logic error can lead to an inconsistency where the filesystem's internal record of data blocks the extent status tre...

7CVSS5.7AI score0.00155EPSS
Exploits0References4
Rows per page
Query Builder