Updated: 2025-05-09 19:04:36.727376
Description:
In the Linux kernel, the following vulnerability has been resolved: ext4: avoid cycles in directory h-tree A maliciously corrupted filesystem can contain cycles in the h-tree stored inside a directory. That can easily lead to the kernel corrupting tree nodes that were already verified under its hands while doing a node split and consequently accessing unallocated memory. Fix the problem by verifying traversed block numbers are unique.
| Links | NIST | CIRCL | RHEL | Ubuntu |
| Severity | Score | |
|---|---|---|
| CVSS Version 2.x | NONE | 0 |
| CVSS Version 3.x | MEDIUM | 5.5 |
| OS name | Project name | Version | Score | Severity | Status | Errata | Last updated | Statement |
|---|---|---|---|---|---|---|---|---|
| CentOS 8.4 ELS | kernel | 4.18.0 | 5.5 | MEDIUM | Needs Triage | 2025-05-09 20:40:52 | ||
| CentOS 8.5 ELS | kernel | 4.18.0 | 5.5 | MEDIUM | Needs Triage | 2025-05-09 20:40:50 | ||
| CentOS Stream 8 ELS | kernel | 4.18.0 | 5.5 | MEDIUM | Needs Triage | 2025-05-16 07:29:24 |