7 matches found
CVE-2025-70100
A divide-by-zero vulnerability in the ext4blocksetlbsize function in src/ext4blockdev.c of the lwext4 1.0.0 library allows attackers to cause a denial of service by providing a malformed ext4 filesystem image that results in a zero logical block size. The vulnerability is triggered during mount o...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002586)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002586 advisory. A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bounds write in jbd2journaldirtymetadata, a denial of service, and a system...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002907)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002907 advisory. A flaw was found in Linux kernel in the ext4 filesystem code. A use-after-free is possible in ext4extremovespace function when mounting and operating a crafted ext4...
AZL-52293 CVE-2024-49968 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: ext4: filesystems without casefold feature cannot be mounted with siphash When mounting the ext4 filesystem, if the default hash version is set to DXHASHSIPHASH but the casefold feature is not set, exit the mounting...
Vulnerabilities of functions ext4_put_super and dump_orphan_list in the Linux operating system’s kernel, which allow attackers to compromise the confidentiality, integrity, and accessibility of protected information
The vulnerability of the ext4putsuper function fs/ext4/super.c and the dumporphanlist function fs/ext4/super.c in the Linux kernel is related to the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to compromise the confidentiality, integrity, and...
kernel: NULL pointer dereference in ext4/mballoc.c:ext4_process_freed_data() when mounting crafted ext4 image
The Linux kernel is vulnerable to a NULL pointer dereference in the ext4/mballoc.c:ext4processfreeddata function. An attacker could trick a legitimate user or a privileged attacker could exploit this by mounting a crafted ext4 image to cause a kernel panic...
UBUNTU-CVE-2018-10876
A flaw was found in Linux kernel in the ext4 filesystem code. A use-after-free is possible in ext4extremovespace function when mounting and operating a crafted ext4 image...