Primary

Context

Linux Kernel Ext4 Filesystem Bug Leading to Kernel Panic

Vulnerability

A vulnerability in the Linux kernel's ext4 filesystem has been identified, where a bug in the extent status handling can lead to a kernel panic. This issue arises during quota management operations, specifically when checking for overlapping extents. The flaw allows the system to incorrectly process extent entries, bypassing necessary validation checks. As a result, a 'BUG_ON' condition is triggered, causing the kernel to crash.

Impact

Exploitation of this vulnerability causes a kernel panic, leading to a system crash.

Reproduction

The vulnerability can be reproduced by enabling quotas on an ext4 filesystem and then mounting the filesystem. The quota management process will trigger the bug by causing the system to improperly handle extent entries, ultimately leading to a kernel panic.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.3

remediation

0.0

relevance

0.0

threat

4.8

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.3

remediation

0.0

relevance

0.0

threat

4.8

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel Ext4 Filesystem Bug Leading to Kernel Panic

Vulnerability

Impact

Reproduction

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating