5.5

CVE-2026-23145

ext4: fix iloc.bh leak in ext4_xattr_inode_update_ref

In the Linux kernel, the following vulnerability has been resolved:

ext4: fix iloc.bh leak in ext4_xattr_inode_update_ref

The error branch for ext4_xattr_inode_update_ref forget to release the
refcount for iloc.bh. Find this when review code.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 5.4.301 < 5.5
LinuxLinux Kernel Version >= 5.10.246 < 5.10.249
LinuxLinux Kernel Version >= 5.15.195 < 5.15.199
LinuxLinux Kernel Version >= 6.1.157 < 6.1.162
LinuxLinux Kernel Version >= 6.6.113 < 6.6.122
LinuxLinux Kernel Version >= 6.12.54 < 6.12.67
LinuxLinux Kernel Version >= 6.17.4 < 6.18.7
LinuxLinux Kernel Version6.19 Updaterc1
LinuxLinux Kernel Version6.19 Updaterc2
LinuxLinux Kernel Version6.19 Updaterc3
LinuxLinux Kernel Version6.19 Updaterc4
LinuxLinux Kernel Version6.19 Updaterc5
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.12% 0.024
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-401 Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.

https://git.kernel.org/stable/c/7c9f059c3d531a12d7ad96cd34a44b8af7c00d5f
Patch
https://git.kernel.org/stable/c/6241cd1d0acc2363016ac55b8773ba1332dd59d7
Patch
https://git.kernel.org/stable/c/3b00c16e42428a1ecd3a5eb9cc37f8ad9bd47626
Patch
https://git.kernel.org/stable/c/0b06cde92f2f960f4ebe3c988c69f2711f2a24dc
Patch
https://git.kernel.org/stable/c/8e8542c539927ae3898a4d02941f84e252e2dea1
Patch
https://git.kernel.org/stable/c/06e26287f2e349a28ad363941ffd9076bfed8b2e
Patch
https://git.kernel.org/stable/c/d250bdf531d9cd4096fedbb9f172bb2ca660c868
Patch