27 matches found
CVE-2026-46046 ext4: fix missing brelse() in ext4_xattr_inode_dec_ref_all()
In the Linux kernel, the following vulnerability has been resolved: ext4: fix missing brelse in ext4xattrinodedecrefall The commit c8e008b60492 "ext4: ignore xattrs past end" introduced a refcount leak in when blockcsum is false. ext4xattrinodedecrefall calls ext4getinodeloc to get iloc.bh, but...
EUVD-2026-32428
In the Linux kernel, the following vulnerability has been resolved: ext4: fix missing brelse in ext4xattrinodedecrefall The commit c8e008b60492 "ext4: ignore xattrs past end" introduced a refcount leak in when blockcsum is false. ext4xattrinodedecrefall calls ext4getinodeloc to get iloc.bh, but...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: ext4: Fixed an out-of-bound read in ext4xattrinodedecrefall. The issue is as follows: BUG: KASAN: Use-after-free in ext4xattr inodedecrefall+0x6ff/0x790. A read of size 4 was performed at address ffff88807b003000 by the task...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: ext4: ignore xattrs entries past the “end” entry Once inside ‘ext4xattrinodedecrefall’, we should ignore xattrs entries that are located after the “end” entry. This fixes the following KASAN reported issue:...
SUSE CVE-2026-23145
In the Linux kernel, the following vulnerability has been resolved: ext4: fix iloc.bh leak in ext4xattrinodeupdateref The error branch for ext4xattrinodeupdateref forget to release the refcount for iloc.bh. Find this when review code...
CVE-2026-23145
In the Linux kernel, the following vulnerability has been resolved: ext4: fix iloc.bh leak in ext4xattrinodeupdateref The error branch for ext4xattrinodeupdateref forget to release the refcount for iloc.bh. Find this when review code...
UBUNTU-CVE-2026-23145
In the Linux kernel, the following vulnerability has been resolved: ext4: fix iloc.bh leak in ext4xattrinodeupdateref The error branch for ext4xattrinodeupdateref forget to release the refcount for iloc.bh. Find this when review code...
CVE-2026-23145 ext4: fix iloc.bh leak in ext4_xattr_inode_update_ref
In the Linux kernel, the following vulnerability has been resolved: ext4: fix iloc.bh leak in ext4xattrinodeupdateref The error branch for ext4xattrinodeupdateref forget to release the refcount for iloc.bh. Find this when review code...
CVE-2026-23145
In the Linux kernel, the following vulnerability has been resolved: ext4: fix iloc.bh leak in ext4xattrinodeupdateref The error branch for ext4xattrinodeupdateref forget to release the refcount for iloc.bh. Find this when review code...
PT-2025-53963
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the Linux kernel related to an inode leak within the ext4 xattr inode create function when handling errors during extended attribute operations. Specifically, if ext4...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the ext4xattrinodecreate error path not freeing an inode, which could lead to an inode leak...
SUSE CVE-2025-40361
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
EUVD-2025-203732
In the Linux kernel, the following vulnerability has been resolved: fs: ext4: change GFPKERNEL to GFPNOFS to avoid deadlock The parent function ext4xattrinodelookupcreate already uses GFPNOFS for memory alloction, so the function ext4xattrinodecachefind should use same gfpflag...
CVE-2025-40361
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
CVE-2025-40361 fs: ext4: change GFP_KERNEL to GFP_NOFS to avoid deadlock
In the Linux kernel, the following vulnerability has been resolved: fs: ext4: change GFPKERNEL to GFPNOFS to avoid deadlock The parent function ext4xattrinodelookupcreate already uses GFPNOFS for memory alloction, so the function ext4xattrinodecachefind should use same gfpflag...
Linux Distros Unpatched Vulnerability : CVE-2025-40361
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fs: ext4: change GFPKERNEL to GFPNOFS to avoid deadlock The parent function ext4xattrinodelookupcreate already uses GFPNOFS for memory alloction, so the functio...
ext4: fix out-of-bound read in ext4_xattr_inode_dec_ref_all()
...
kernel: ext4: fix out-of-bound read in ext4_xattr_inode_dec_ref_all()
In the Linux kernel, the following vulnerability has been resolved: ext4: fix out-of-bound read in ext4xattrinodedecrefall There's issue as follows: BUG: KASAN: use-after-free in ext4xattrinodedecrefall+0x6ff/0x790 Read of size 4 at addr ffff88807b003000 by task syz-executor.0/15172 CPU: 3 PID:...
kernel: ext4: fix out-of-bound read in ext4_xattr_inode_dec_ref_all()
In the Linux kernel, the following vulnerability has been resolved: ext4: fix out-of-bound read in ext4xattrinodedecrefall There's issue as follows: BUG: KASAN: use-after-free in ext4xattrinodedecrefall+0x6ff/0x790 Read of size 4 at addr ffff88807b003000 by task syz-executor.0/15172 CPU: 3 PID:...
kernel: ext4: fix out-of-bound read in ext4_xattr_inode_dec_ref_all()
In the Linux kernel, the following vulnerability has been resolved: ext4: fix out-of-bound read in ext4xattrinodedecrefall There's issue as follows: BUG: KASAN: use-after-free in ext4xattrinodedecrefall+0x6ff/0x790 Read of size 4 at addr ffff88807b003000 by task syz-executor.0/15172 CPU: 3 PID:...