| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2026011315-CVE-2025-68820-7a4f@gregkh> Date: Tue, 13 Jan 2026 16:29:46 +0100 From: Greg Kroah-Hartman <gregkh@...uxfoundation.org> To: linux-cve-announce@...r.kernel.org Cc: Greg Kroah-Hartman <gregkh@...nel.org> Subject: CVE-2025-68820: ext4: xattr: fix null pointer deref in ext4_raw_inode() From: Greg Kroah-Hartman <gregkh@...nel.org> Description =========== In the Linux kernel, the following vulnerability has been resolved: ext4: xattr: fix null pointer deref in ext4_raw_inode() If ext4_get_inode_loc() fails (e.g. if it returns -EFSCORRUPTED), iloc.bh will remain set to NULL. Since ext4_xattr_inode_dec_ref_all() lacks error checking, this will lead to a null pointer dereference in ext4_raw_inode(), called right after ext4_get_inode_loc(). Found by Linux Verification Center (linuxtesting.org) with SVACE. The Linux kernel CVE team has assigned CVE-2025-68820 to this issue. Affected and fixed versions =========================== Issue introduced in 6.1.135 with commit cf9291a3449b04688b81e32621e88de8f4314b54 and fixed in 6.1.160 with commit 190ad0f22ba49f1101182b80e3af50ca2ddfe72f Issue introduced in 6.6.88 with commit 362a90cecd36e8a5c415966d0b75b04a0270e4dd and fixed in 6.6.120 with commit b5d942922182e82724b7152cb998f540132885ec Issue introduced in 6.12.24 with commit eb59cc31b6ea076021d14b04e7faab1636b87d0e and fixed in 6.12.64 with commit 5b154e901fda2e98570b8f426a481f5740097dc2 Issue introduced in 6.15 with commit c8e008b60492cf6fd31ef127aea6d02fd3d314cd and fixed in 6.18.3 with commit ce5f54c065a4a7cbb92787f4f140917112350142 Issue introduced in 6.15 with commit c8e008b60492cf6fd31ef127aea6d02fd3d314cd and fixed in 6.19-rc1 with commit b97cb7d6a051aa6ebd57906df0e26e9e36c26d14 Issue introduced in 5.4.293 with commit 6aff941cb0f7d0c897c3698ad2e30672709135e3 Issue introduced in 5.10.237 with commit 76c365fa7e2a8bb85f0190cdb4b8cdc99b2fdce3 Issue introduced in 5.15.181 with commit f737418b6de31c962c7192777ee4018906975383 Issue introduced in 6.13.12 with commit 3bc6317033f365ce578eb6039445fb66162722fd Issue introduced in 6.14.3 with commit 836e625b03a666cf93ff5be328c8cb30336db872 Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to older supported kernel versions. The official CVE entry at https://cve.org/CVERecord/?id=CVE-2025-68820 will be updated if fixes are backported, please check that for the most up to date information about this issue. Affected files ============== The file(s) affected by this issue are: fs/ext4/xattr.c Mitigation ========== The Linux kernel CVE team recommends that you update to the latest stable kernel version for this, and many other bugfixes. Individual changes are never tested alone, but rather are part of a larger kernel release. Cherry-picking individual commits is not recommended or supported by the Linux kernel community at all. If however, updating to the latest release is impossible, the individual changes to resolve this issue can be found at these commits: https://git.kernel.org/stable/c/190ad0f22ba49f1101182b80e3af50ca2ddfe72f https://git.kernel.org/stable/c/b5d942922182e82724b7152cb998f540132885ec https://git.kernel.org/stable/c/5b154e901fda2e98570b8f426a481f5740097dc2 https://git.kernel.org/stable/c/ce5f54c065a4a7cbb92787f4f140917112350142 https://git.kernel.org/stable/c/b97cb7d6a051aa6ebd57906df0e26e9e36c26d14
Powered by blists - more mailing lists