EUVD-2026-32232

In the Linux kernel, the following vulnerability has been resolved: ext4: fix memory leak in ext4extshiftextents In ext4extshiftextents, if the extent is NULL in the while loop, the function returns immediately without releasing the path obtained via ext4findextent, leading to a memory leak. Fix...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ext4: Remove ppath from ext4extreplayupdateex to avoid double-free. When calling ext4forcesplitextentat&ppath in ext4extreplayupdateex, ppath is updated, but it is path that is freed. This potentially triggers a double-free in th...

CVE-2023-53692 ext4: fix use-after-free read in ext4_find_extent for bigalloc + inline

In the Linux kernel, the following vulnerability has been resolved: ext4: fix use-after-free read in ext4findextent for bigalloc + inline Syzbot found the following issue: loop0: detected capacity change from 0 to 2048 EXT4-fs loop0: mounted filesystem 00000000-0000-0000-0000-000000000000 without...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a post-release reuse issue in the ext4findextent function, which could lead to memory corruption...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-380884)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-380884 advisory. In the Linux kernel, the following vulnerability has been resolved: ext4: drop ppath from ext4extreplayupdateex to avoid double-free When calling...

kernel: ext4: drop ppath from ext4_ext_replay_update_ex() to avoid double-free

In the Linux kernel, the following vulnerability has been resolved: ext4: drop ppath from ext4extreplayupdateex to avoid double-free When calling ext4forcesplitextentat in ext4extreplayupdateex, the 'ppath' is updated but it is the 'path' that is freed, thus potentially triggering a double-free i...

CBL Mariner 2.0 Security Update: kernel (CVE-2024-49881)

"The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-49881 advisory. - In the Linux kernel, the following vulnerability has been resolved: ext4: update origpath in ext4findextent...

SUSE CVE-2024-49881

In the Linux kernel, the following vulnerability has been resolved: ext4: update origpath in ext4findextent In ext4findextent, if the path is not big enough, we free it and set origpath to NULL. But after reallocating and successfully initializing the path, we don't update origpath, in which case...

SUSE CVE-2024-49983

In the Linux kernel, the following vulnerability has been resolved: ext4: drop ppath from ext4extreplayupdateex to avoid double-free When calling ext4forcesplitextentat in ext4extreplayupdateex, the 'ppath' is updated but it is the 'path' that is freed, thus potentially triggering a double-free i...

CVE-2024-49881

In the Linux kernel, the following vulnerability has been resolved: ext4: update origpath in ext4findextent In ext4findextent, if the path is not big enough, we free it and set origpath to NULL. But after reallocating and successfully initializing the path, we don't update origpath, in which case...

AZL-51843 CVE-2024-49983 affecting package kernel for versions less than 5.15.173.1-1

In the Linux kernel, the following vulnerability has been resolved: ext4: drop ppath from ext4extreplayupdateex to avoid double-free When calling ext4forcesplitextentat in ext4extreplayupdateex, the 'ppath' is updated but it is the 'path' that is freed, thus potentially triggering a double-free i...

DEBIAN-CVE-2024-49983

In the Linux kernel, the following vulnerability has been resolved: ext4: drop ppath from ext4extreplayupdateex to avoid double-free When calling ext4forcesplitextentat in ext4extreplayupdateex, the 'ppath' is updated but it is the 'path' that is freed, thus potentially triggering a double-free i...

CVE-2024-49881

In the Linux kernel, the following vulnerability has been resolved: ext4: update origpath in ext4findextent In ext4findextent, if the path is not big enough, we free it and set origpath to NULL. But after reallocating and successfully initializing the path, we don't update origpath, in which case...

CVE-2024-49983 ext4: drop ppath from ext4_ext_replay_update_ex() to avoid double-free

In the Linux kernel, the following vulnerability has been resolved: ext4: drop ppath from ext4extreplayupdateex to avoid double-free When calling ext4forcesplitextentat in ext4extreplayupdateex, the 'ppath' is updated but it is the 'path' that is freed, thus potentially triggering a double-free i...

CVE-2024-49889

CVE-2024-49889: Linux kernel ext4 uses-after-free in ext4_ext_show_leaf() and related ext4 extents handling. The issue arises when EXT_DEBUG is defined and a saved path pointer may be freed during extent handling, leading to use-after-free in ext4_ext_show_leaf() or during ext4_ext_handle unwritt...

CVE-2024-49889 ext4: avoid use-after-free in ext4_ext_show_leaf()

In the Linux kernel, the following vulnerability has been resolved: ext4: avoid use-after-free in ext4extshowleaf In ext4findextent, path may be freed by error or be reallocated, so using a previously saved ppath may have been freed and thus may trigger use-after-free, as follows: ext4splitextent...

CVE-2024-49881 ext4: update orig_path in ext4_find_extent()

In the Linux kernel, the following vulnerability has been resolved: ext4: update origpath in ext4findextent In ext4findextent, if the path is not big enough, we free it and set origpath to NULL. But after reallocating and successfully initializing the path, we don't update origpath, in which case...