Updated: 2026-02-27 04:27:23.605598
Description:
In the Linux kernel, the following vulnerability has been resolved: ext4: add EXT4_IGET_BAD flag to prevent unexpected bad inode There are many places that will get unhappy (and crash) when ext4_iget() returns a bad inode. However, if iget the boot loader inode, allows a bad inode to be returned, because the inode may not be initialized. This mechanism can be used to bypass some checks and cause panic. To solve this problem, we add a special iget flag EXT4_IGET_BAD. Only with this flag we'd be returning bad inode from ext4_iget(), otherwise we always return the error code if the inode is bad inode.(suggested by Jan Kara)
| Links | NIST | CIRCL | RHEL | Ubuntu |
| Severity | Score | |
|---|---|---|
| CVSS Version 2.x | 0.0 | |
| CVSS Version 3.x | MEDIUM | 5.5 |
| OS name | Project name | Version | Score | Severity | Status | Errata | Last updated | Statement |
|---|---|---|---|---|---|---|---|---|
| AlmaLinux 9.2 ESU | kernel | 5.14.0 | 5.5 | MEDIUM | Released | CLSA-2025:1762171389 | 2025-11-03 17:15:18 | |
| CentOS 8.4 ELS | kernel | 4.18.0 | 5.5 | MEDIUM | Ignored | 2025-10-21 08:04:48 | Ignored due to low severity | |
| CentOS 8.5 ELS | kernel | 4.18.0 | 5.5 | MEDIUM | Ignored | 2025-10-21 08:04:48 | Ignored due to low severity | |
| Ubuntu 16.04 ELS | linux-hwe | 4.15.0 | 5.5 | MEDIUM | Ignored | 2026-02-04 20:05:58 | This issue is local-only and specific to the ext4 filesystem, and its practical effect is limited to... | |
| Ubuntu 16.04 ELS | linux | 4.4.0 | 5.5 | MEDIUM | Ignored | 2026-02-05 04:15:45 | This issue is local-only and specific to the ext4 filesystem, and its practical effect is limited to... |