CVE-2025-68820

NONE EPSS 6.9%
Published Jan 13, 20265mo ago · Modified Jun 17, 20262w ago
Find Similar
Published Jan 13, 2026 5mo ago
Last Modified Jun 17, 2026 2w ago

Description

In the Linux kernel, the following vulnerability has been resolved: ext4: xattr: fix null pointer deref in ext4_raw_inode() If ext4_get_inode_loc() fails (e.g. if it returns -EFSCORRUPTED), iloc.bh will remain set to NULL. Since ext4_xattr_inode_dec_ref_all() lacks error checking, this will lead to a null pointer dereference in ext4_raw_inode(), called right after ext4_get_inode_loc(). Found by Linux Verification Center (linuxtesting.org) with SVACE.

Threat Intelligence

EPSS Exploit Probability
6.9% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

References 7

  • git.kernel.org https://git.kernel.org/stable/c/190ad0f22ba49f1101182b80e3af50ca2ddfe72f
  • git.kernel.org https://git.kernel.org/stable/c/3d8d22e75f7edfa0b30ff27330fd6a1285d594c3
  • git.kernel.org https://git.kernel.org/stable/c/5b154e901fda2e98570b8f426a481f5740097dc2
  • git.kernel.org https://git.kernel.org/stable/c/b5d942922182e82724b7152cb998f540132885ec
  • git.kernel.org https://git.kernel.org/stable/c/b72a3476f0c97d02f63a6e9fff127348d55436f6
  • git.kernel.org https://git.kernel.org/stable/c/b97cb7d6a051aa6ebd57906df0e26e9e36c26d14
  • git.kernel.org https://git.kernel.org/stable/c/ce5f54c065a4a7cbb92787f4f140917112350142

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.