20 matches found
CVE-2026-45912
In the Linux kernel, the following vulnerability has been resolved: ext4: don't cache extent during splitting extent Caching extents during the splitting process is risky, as it may result in stale extents remaining in the status tree. Moreover, in most cases, the corresponding extent block entri...
Astra Linux - уязвимость в linux, linux-5.15, linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: ext4: Fixed a use-after-free issue in ext4findextent when using bigalloc with inline data. Syzbot identified the following issue: loop0: A change in capacity was detected, from 0 to 2048. EXT4-fs loop0: The filesystem...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: ext4: Update origpath in ext4findextent. In ext4findextent, if the path is not large enough, we free it and set origpath to NULL. However, after reallocating the path and successfully initializing it, we do not update origpath. I...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-011308)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011308 advisory. In the Linux kernel, the following vulnerability has been resolved: ext4: fix use-after-free read in ext4findextent for bigalloc + inline Syzbot found the following...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005121)
"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005121 advisory. In the Linux kernel, the following vulnerability has been resolved: ext4: update origpath in ext4findextent In ext4findextent, if the path is not big enough, we fre...
Siemens SIMATIC S7-1500 NULL Pointer Dereference (CVE-2024-49881)
In the Linux kernel, the following vulnerability has been resolved: ext4: update origpath in ext4findextent. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if descripti...
SUSE CVE-2023-53692
In the Linux kernel, the following vulnerability has been resolved: ext4: fix use-after-free read in ext4findextent for bigalloc + inline Syzbot found the following issue: loop0: detected capacity change from 0 to 2048 EXT4-fs loop0: mounted filesystem 00000000-0000-0000-0000-000000000000 without...
CVE-2023-53692
In the Linux kernel, the following vulnerability has been resolved: ext4: fix use-after-free read in ext4findextent for bigalloc + inline Syzbot found the following issue: loop0: detected capacity change from 0 to 2048 EXT4-fs loop0: mounted filesystem 00000000-0000-0000-0000-000000000000 without...
CVE-2023-53692
Detected CVE-2023-53692 affecting Linux kernel ext4 when bigalloc and inline data are enabled. Root cause: use-after-free in ext4_find_extent triggered during inline data conversion to extents or block mapping, leading to UAF in ext4_ext_binsearch_idx/ext4_find_extent paths. The description notes...
Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-414329)
"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414329 advisory. In the Linux kernel, the following vulnerability has been resolved: ext4: update origpath in ext4findextent In ext4findextent, if the path is not big enough, we fre...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a mishandled error in the mbfindextent function, which could lead to kernel warnings and system instability...
kernel: ext4: update orig_path in ext4_find_extent()
In the Linux kernel, the following vulnerability has been resolved: ext4: update origpath in ext4findextent In ext4findextent, if the path is not big enough, we free it and set origpath to NULL. But after reallocating and successfully initializing the path, we don't update origpath, in which case...
kernel: ext4: avoid use-after-free in ext4_ext_show_leaf()
In the Linux kernel, the following vulnerability has been resolved: ext4: avoid use-after-free in ext4extshowleaf In ext4findextent, path may be freed by error or be reallocated, so using a previously saved ppath may have been freed and thus may trigger use-after-free, as follows: ext4splitextent...
ext4: update orig_path in ext4_find_extent()
...
SUSE CVE-2024-49889
In the Linux kernel, the following vulnerability has been resolved: ext4: avoid use-after-free in ext4extshowleaf In ext4findextent, path may be freed by error or be reallocated, so using a previously saved ppath may have been freed and thus may trigger use-after-free, as follows: ext4splitextent...
DEBIAN-CVE-2024-49881
In the Linux kernel, the following vulnerability has been resolved: ext4: update origpath in ext4findextent In ext4findextent, if the path is not big enough, we free it and set origpath to NULL. But after reallocating and successfully initializing the path, we don't update origpath, in which case...
UBUNTU-CVE-2024-49881
In the Linux kernel, the following vulnerability has been resolved: ext4: update origpath in ext4findextent In ext4findextent, if the path is not big enough, we free it and set origpath to NULL. But after reallocating and successfully initializing the path, we don't update origpath, in which case...
UBUNTU-CVE-2024-49983
In the Linux kernel, the following vulnerability has been resolved: ext4: drop ppath from ext4extreplayupdateex to avoid double-free When calling ext4forcesplitextentat in ext4extreplayupdateex, the 'ppath' is updated but it is the 'path' that is freed, thus potentially triggering a double-free i...
UBUNTU-CVE-2024-49889
In the Linux kernel, the following vulnerability has been resolved: ext4: avoid use-after-free in ext4extshowleaf In ext4findextent, path may be freed by error or be reallocated, so using a previously saved ppath may have been freed and thus may trigger use-after-free, as follows: ext4splitextent...
SUSE CVE-2024-43828
In the Linux kernel, the following vulnerability has been resolved: ext4: fix infinite loop when replaying fastcommit When doing fastcommit replay an infinite loop may occur due to an uninitialized extentstatus struct. ext4extdetermineinserthole does not detect the replay and calls...