CVE-2025-22113

In the Linux kernel, the following vulnerability has been resolved: ext4: avoid journaling sb update on error if journal is destroying Presently we always BUGON if trying to start a transaction on a journal marked with JBD2UNMOUNT, since this should never happen. However, while ltp running stress...

Linux Distros Unpatched Vulnerability : CVE-2024-50006

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ext4: fix idatasem unlock order in ext4indmigrate Fuzzing reports a possible deadlock in jbd2logwaitcommit. This issue is triggered when an EXT4IOCMIGRATE ioctl...

Linux Distros Unpatched Vulnerability : CVE-2024-43828

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ext4: fix infinite loop when replaying fastcommit When doing fastcommit replay an infinite...

Linux Distros Unpatched Vulnerability : CVE-2024-26772

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ext4: avoid allocating blocks from corrupted group in ext4mbfindbygoal Places the logic for checking if the group's block bitmap is corrupt under the protection...

CVE-2022-49349

In the Linux kernel, the following vulnerability has been resolved: ext4: fix use-after-free in ext4renamedirprepare We got issue as follows: EXT4-fs loop0: mounted filesystem without journal. Opts: ,errors=continue ext4getfirstdirblock: bh-bdata=0xffff88810bee6000 len=34478 ext4getfirstdirblock:...

CVE-2022-49348 ext4: filter out EXT4_FC_REPLAY from on-disk superblock field s_state

In the Linux kernel, the following vulnerability has been resolved: ext4: filter out EXT4FCREPLAY from on-disk superblock field sstate The EXT4FCREPLAY bit in sbi-smountstate is used to indicate that we are in the middle of replay the fast commit journal. This was actually a mistake, since the...

CVE-2022-49343 ext4: avoid cycles in directory h-tree

In the Linux kernel, the following vulnerability has been resolved: ext4: avoid cycles in directory h-tree A maliciously corrupted filesystem can contain cycles in the h-tree stored inside a directory. That can easily lead to the kernel corrupting tree nodes that were already verified under its...

CVE-2022-49174

In the Linux kernel, the following vulnerability has been resolved: ext4: fix ext4mbmarkbb with flexbg with fastcommit In case of flexbg feature which is by default enabled, extents for any given inode might span across blocks from two different block group. ext4mbmarkbb only reads the bufferhead...

kernel: ext4: do not create EA inode under buffer lock

A vulnerability was found in the Linux kernel's ext4 filesystem, where the system could create EA inodes while holding a buffer lock, this approach can lead to deadlocks, especially if the filesystem is corrupted...

CVE-2024-43898

Removed by vendor...

CVE-2024-42305 ext4: check dot and dotdot of dx_root before making dir indexed

In the Linux kernel, the following vulnerability has been resolved: ext4: check dot and dotdot of dxroot before making dir indexed Syzbot reports a issue as follows: ============================================ BUG: unable to handle page fault for address: ffffed11022e24fe PGD 23ffee067 P4D...

CVE-2024-39276 ext4: fix mb_cache_entry's e_refcnt leak in ext4_xattr_block_cache_find()

In the Linux kernel, the following vulnerability has been resolved: ext4: fix mbcacheentry's erefcnt leak in ext4xattrblockcachefind Syzbot reports a warning as follows: ============================================ WARNING: CPU: 0 PID: 5075 at fs/mbcache.c:419 mbcachedestroy+0x224/0x290 Modules...

kernel: ext4: fix bug_on in __es_tree_search caused by bad quota inode

In the Linux kernel, the following vulnerability has been resolved: ext4: fix bugon in estreesearch caused by bad quota inode We got a issue as fllows: ================================================================== kernel BUG at fs/ext4/extentsstatus.c:202! invalid opcode: 0000 1 PREEMPT SMP...

PT-2024-29172 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A slab-out-of-bounds issue has been resolved in the Linux kernel, specifically in the ext4 file system. This issue can be triggered by setting an oversized value for s mb group preallo...

CVE-2021-47117

In the Linux kernel, the following vulnerability has been resolved: ext4: fix bug on in ext4escacheextent as ext4splitextentat failed We got follow bugon when run fsstress with injecting IO fault: 130747.323114 kernel BUG at fs/ext4/extentsstatus.c:762! 130747.323117 Internal error: Oops - BUG: 0...

kernel: ext4: use-after-free in ext4_xattr_set_entry()

A use-after-free vulnerability was found in the Linux kernel's ext4 filesystem in the way it handled the extra inode size for extended attributes. This flaw allows a privileged local user to cause a system crash or other undefined behaviors...

PT-2022-36333 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.10.154 Description: A potential issue exists in the ext4 file system where a directory entry with an invalid rec len can trigger a BUG ON condition. The actual impact and attack plausibility of this issue hav...

PT-2022-33731 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.63 Description: The issue concerns the ext4 filesystem, specifically avoiding resizing to a partial cluster size. The actual impact and attack plausibility have not yet been proven. Recommendations: For...

USN-3871-1 linux vulnerabilities

Wen Xu discovered that a use-after-free vulnerability existed in the ext4 filesystem implementation in the Linux kernel. An attacker could use this to construct a malicious ext4 image that, when mounted, could cause a denial of service system crash or possibly execute arbitrary code...

BSA-2019-753

Security Advisory ID : BSA-2019-753 Component : Kernel Revision : 1.0: Initial A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bound write in fs/jbd2/transaction.c code, a denial of service, and a system crash by unmounting a crafted ext4 filesystem image...