SUSE CVE-2026-45858

In the Linux kernel, the following vulnerability has been resolved: ext4: don't zero the entire extent if EXT4EXTDATAPARTIALVALID1 When allocating initialized blocks from a large unwritten extent, or when splitting an unwritten extent during end I/O and converting it to initialized, there is...

SUSE CVE-2026-45892

In the Linux kernel, the following vulnerability has been resolved: ext4: drop extent cache after doing PARTIALVALID1 zeroout When splitting an unwritten extent in the middle and converting it to initialized in ext4splitextent with the EXT4EXTMAYZEROOUT and EXT4EXTDATAVALID2 flags set, it could...

SUSE CVE-2026-45899

In the Linux kernel, the following vulnerability has been resolved: ext4: drop extent cache when splitting extent fails When the split extent fails, we might leave some extents still being processed and return an error directly, which will result in stale extent entries remaining in the extent...

CVE-2026-45899

In the Linux kernel, the following vulnerability has been resolved: ext4: drop extent cache when splitting extent fails When the split extent fails, we might leave some extents still being processed and return an error directly, which will result in stale extent entries remaining in the extent...

CVE-2026-45912

The CVE-2026-45912 issue affects the Linux kernel ext4 path: during split of an unwritten extent, ext4_split_extent_at() truncates and inserts a new extent while the extent status tree may temporarily reflect a hole if ext4_find_extent() or ext4_cache_extents() are invoked. This can leave a stale...

CVE-2026-45899

In the Linux kernel, the following vulnerability has been resolved: ext4: drop extent cache when splitting extent fails When the split extent fails, we might leave some extents still being processed and return an error directly, which will result in stale extent entries remaining in the extent...

CVE-2026-45899 ext4: drop extent cache when splitting extent fails

In the Linux kernel, the following vulnerability has been resolved: ext4: drop extent cache when splitting extent fails When the split extent fails, we might leave some extents still being processed and return an error directly, which will result in stale extent entries remaining in the extent...

CVE-2026-45899

In the Linux kernel, the following vulnerability has been resolved: ext4: drop extent cache when splitting extent fails When the split extent fails, we might leave some extents still being processed and return an error directly, which will result in stale extent entries remaining in the extent...

CVE-2026-45899

Summary: CVE-2026-45899 is a Linux kernel ext4 issue corrected by dropping all remaining potentially stale extents when a split extent operation fails. What happens: If a split extent fails, some extents may remain in processing and an error is returned, leaving stale entries in the extent status...

CVE-2026-45858 ext4: don't zero the entire extent if EXT4_EXT_DATA_PARTIAL_VALID1

In the Linux kernel, the following vulnerability has been resolved: ext4: don't zero the entire extent if EXT4EXTDATAPARTIALVALID1 When allocating initialized blocks from a large unwritten extent, or when splitting an unwritten extent during end I/O and converting it to initialized, there is...

CVE-2026-45858

CVE-2026-45858 affects the Linux kernel ext4 code. The issue occurs when allocating initialized blocks from a large unwritten extent or splitting an unwritten extent during end I/O, potentially leaving stale data if a split happens in the middle. The problem centers on ext4_split_extent() splitti...

PT-2026-43766

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the ext4 file system where a failure during the split extent process may cause the system to return an error immediately while some extents are still being processed...

PT-2026-43725

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the ext4 file system when allocating initialized blocks from a large unwritten extent or splitting an unwritten extent during end I/O. A potential for stale data occur...

EUVD-2023-60044

Nagios XI versions prior to 5.11.3 are vulnerable to cross-site scripting XSS via the Bandwidth Report component. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a victim's browser...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-400876)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-400876 advisory. In the Linux kernel, the following vulnerability has been resolved: ext4: fix slab-use-after-free in ext4splitextentat We hit the following use-after-free:...

UBUNTU-CVE-2023-53564

In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix defrag path triggering jbd2 ASSERT code path: ocfs2ioctlmoveextents ocfs2moveextents ocfs2defragextent ocfs2moveextent + ocfs2journalaccessdi + ocfs2splitextent //sub-paths call jbd2journalrestart + ocfs2journaldirty...

CVE-2023-53564

CVE-2023-53564 affects the OCFS2 defragmentation code in the Linux kernel. The vulnerability arises when ocfs2_move_extents and __ocfs2_move_extent incorrectly invoke journal access/dirty pairs (via ocfs2_journal_access_di and ocfs2_journal_dirty) during defragmentation, allowing a crash caused b...

PT-2025-40706

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the OCFS2 file system related to defragmentation. A specific code path, initiated by ocfs2 ioctl move extents, leads to a call stack involving ocf...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: ext4: Fixed a slab-use-after-free in ext4splitextentat. We encountered the following use-after-free issues: BUG: KASAN: slab-use-after-free in ext4splitextentat+0xba8/0xcc0 Read of size 2 at addr ffff88810548ed08 by task...

The vulnerability of the ext4_split_extent_at() function in the ext4 file system of Linux kernels allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the ext4splitextentat function in the fs/ext4/extents.c file of the Linux kernel’s file system ext4 is related to the reutilization of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibilit...