Linux Kernel ext4 Invalid rec_len Directory Entry Vulnerability

Vulnerability

A vulnerability in the Linux kernel's ext4 file system has been addressed. It involved a directory entry whose rec_len field was not a multiple of four. The issue could be triggered by a corrupted filesystem image, leading to a kernel bug when the invalid length was processed. It arose because the ext4 file system did not properly validate directory entries before use, so filesystem corruption could cause a critical error in the kernel.
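The kind of validation the paragraph above says was missing, as an added userspace example (not the kernel's code and not from the original page): every entry in a directory block is checked before its rec_len is used to step to the next one. The names `check_dirent`, `walk_dir_block` and `SAMPLE` are hypothetical, the sample block is constructed, and the code assumes a block size below 64 KiB so that rec_len is stored as a plain little-endian value.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* On-disk entry: inode (le32), rec_len (le16), name_len (u8), file_type (u8), name[]. */
#define HDR 8u
#define REC_LEN(nlen) ((HDR + (nlen) + 3u) & ~3u)   /* header + name, padded to 4 bytes */
enum de_err { DE_OK, DE_TRUNCATED, DE_TOO_SMALL, DE_UNALIGNED, DE_NAME_OVERRUN, DE_CROSSES_BLOCK };

static uint16_t le16(const uint8_t *p) { return (uint16_t)(p[0] | (p[1] << 8)); }

/* Validate the entry at `off` before its rec_len is used for anything. */
enum de_err check_dirent(const uint8_t *blk, size_t size, size_t off)
{
    if (off > size || size - off < HDR) return DE_TRUNCATED;
    unsigned rec_len = le16(blk + off + 4);
    unsigned name_len = blk[off + 6];
    if (rec_len < REC_LEN(1)) return DE_TOO_SMALL;
    if (rec_len % 4 != 0) return DE_UNALIGNED;          /* the case this page describes */
    if (rec_len < REC_LEN(name_len)) return DE_NAME_OVERRUN;
    if (rec_len > size - off) return DE_CROSSES_BLOCK;
    return DE_OK;
}

/* Walk one directory block. Returns the entry count, or -1 with *err and *bad_off set. */
int walk_dir_block(const uint8_t *blk, size_t size, enum de_err *err, size_t *bad_off)
{
    int n = 0;
    *err = DE_OK;
    for (size_t off = 0; off < size; off += le16(blk + off + 4), n++)
        if ((*err = check_dirent(blk, size, off)) != DE_OK) { *bad_off = off; return -1; }
    return n;
}

/* Constructed 64-byte block: "." (rec_len 12), ".." (12), "file" (40, fills the block). */
static const uint8_t SAMPLE[64] = {
    2,0,0,0,  12,0, 1,2, '.',0,0,0,
    2,0,0,0,  12,0, 2,2, '.','.',0,0,
    11,0,0,0, 40,0, 4,1, 'f','i','l','e',
};

int main(void)
{
    uint8_t blk[64]; enum de_err err; size_t bad = 0;
    memcpy(blk, SAMPLE, sizeof blk);
    blk[16] = 13;                                       /* corrupt rec_len of ".." */
    int n = walk_dir_block(blk, sizeof blk, &err, &bad);
    printf("entries=%d err=%d bad_off=%zu\n", n, (int)err, bad);
    return 0;
}
```

The walk rejects the block at the first bad entry instead of stepping by an unchecked length, which is the property a corrupted image must not be able to bypass.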

Impact

Exploitation of this vulnerability could lead to a kernel panic, causing a denial of service by crashing the system.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 2.5
exploitability: 4.0
remediation: 0.0
relevance: 0.0
threat: 3.2
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.