Severity by source
AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Local vector and low-privilege match ext4 requiring authenticated filesystem access; A:H reflects kernel crash potential; no confidentiality or integrity impact per description.
Primary rating from NVD.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Lifecycle Timeline
5DescriptionNVD
In the Linux kernel, the following vulnerability has been resolved:
ext4: drop extent cache when splitting extent fails
When the split extent fails, we might leave some extents still being processed and return an error directly, which will result in stale extent entries remaining in the extent status tree. So drop all of the remaining potentially stale extents if the splitting fails.
AnalysisAI
Availability impact via stale extent cache corruption in the Linux kernel's ext4 filesystem driver allows a local low-privileged user to trigger a kernel denial-of-service condition. When an ext4 extent-splitting operation fails mid-execution, stale entries are left in the extent status tree, which can cause subsequent filesystem operations to crash the kernel. No public exploit exists and EPSS probability sits at 0.02% (7th percentile), reflecting this as a stability bug rather than a targeted attack vector. Vendor-released patches are available across all active stable branches.
Technical ContextAI
The affected component is the ext4 extent status tree, a radix-tree-based in-memory cache that maps logical block ranges to physical extents for efficient extent lookups. When an extent-splitting operation (used during write or truncate paths) fails after partially modifying tree state, the cleanup path previously did not drop affected extent entries from the cache. This left logically inconsistent entries in the status tree that could be used by subsequent block mapping operations, potentially triggering a kernel BUG() or NULL dereference. The root cause is incomplete cleanup on error paths - semantically matching CWE-459 (Incomplete Cleanup) even though no CWE is formally assigned. Affected products span all Linux kernel stable branches from the initial git commit (1da177e4c3f41524e886b7f1b8a0c1fc7321cac2) through the fixed versions, per CPE cpe:2.3:o:linux:linux_kernel.
RemediationAI
The primary remediation is to upgrade to a patched Linux kernel version: 5.10.253, 5.15.203, 6.6.130, 6.12.75, 6.18.14, 6.19.4, or 7.0 (or later in each respective stable series). Upstream fix commits are available at https://git.kernel.org/stable/c/120c6bd7ca9d3e80a968b758cbb3fbd67570f132 (5.10 branch), https://git.kernel.org/stable/c/6e54f8dfee359bbd58086c883ea8cffd5312999d, https://git.kernel.org/stable/c/337506dc652383c80839edb8d8dcdd8ff2129b4f, https://git.kernel.org/stable/c/808f3191498f300174523c54cab101e18795ae4e, https://git.kernel.org/stable/c/79b592e8f1b435796cbc2722190368e3e8ffd7a1, https://git.kernel.org/stable/c/31bf37cf53ede8145e2bc62da803d4506da92975, and https://git.kernel.org/stable/c/dc7c9b9d03a59a7fe483574531327e650a4b4adc. As a workaround for systems that cannot immediately be patched, mounting ext4 filesystems with the 'nodelalloc' option reduces the likelihood of triggering delayed allocation extent splits, though this has a performance trade-off and is not a guaranteed mitigation. Restricting untrusted local user access to writable ext4 filesystems reduces exposure in multi-tenant environments.
Same technique Information Disclosure
View allVendor StatusVendor
SUSE
Severity: Moderate| Product | Status |
|---|---|
| SUSE Linux Enterprise Desktop 15 SP7 | Affected |
| SUSE Linux Enterprise Desktop 15 SP7 | Affected |
| SUSE Linux Enterprise High Availability Extension 15 SP7 | Affected |
| SUSE Linux Enterprise High Availability Extension 15 SP7 | Affected |
| SUSE Linux Enterprise High Performance Computing 15 SP7 | Affected |
| SUSE Linux Enterprise High Performance Computing 15 SP7 | Affected |
| SUSE Linux Enterprise Live Patching 15 SP7 | Affected |
| SUSE Linux Enterprise Live Patching 15 SP7 | Affected |
| SUSE Linux Enterprise Micro 5.3 | Not-Affected |
| SUSE Linux Enterprise Micro 5.3 | Not-Affected |
| SUSE Linux Enterprise Micro 5.3 | Not-Affected |
| SUSE Linux Enterprise Micro 5.3 | Not-Affected |
| SUSE Linux Enterprise Micro 5.4 | Not-Affected |
| SUSE Linux Enterprise Micro 5.4 | Not-Affected |
| SUSE Linux Enterprise Micro 5.4 | Not-Affected |
| SUSE Linux Enterprise Micro 5.4 | Not-Affected |
| SUSE Linux Enterprise Micro 5.5 | Not-Affected |
| SUSE Linux Enterprise Micro 5.5 | Not-Affected |
| SUSE Linux Enterprise Micro 5.5 | Not-Affected |
| SUSE Linux Enterprise Module for Basesystem 15 SP7 | Affected |
| SUSE Linux Enterprise Module for Basesystem 15 SP7 | Affected |
| SUSE Linux Enterprise Module for Development Tools 15 SP7 | Affected |
| SUSE Linux Enterprise Module for Development Tools 15 SP7 | Affected |
| SUSE Linux Enterprise Module for Legacy 15 SP7 | Affected |
| SUSE Linux Enterprise Module for Legacy 15 SP7 | Affected |
| SUSE Linux Enterprise Module for Public Cloud 15 SP7 | Affected |
| SUSE Linux Enterprise Module for Public Cloud 15 SP7 | Affected |
| SUSE Linux Enterprise Real Time 15 SP7 | Affected |
| SUSE Linux Enterprise Server 15 SP7 | Affected |
| SUSE Linux Enterprise Server 15 SP7 | Affected |
| SUSE Linux Enterprise Server 16.0 | Affected |
| SUSE Linux Enterprise Server 16.0 | Affected |
| SUSE Linux Enterprise Server 16.1 | Affected |
| SUSE Linux Enterprise Server for SAP Applications 15 SP7 | Affected |
| SUSE Linux Enterprise Server for SAP Applications 15 SP7 | Affected |
| SUSE Linux Enterprise Server for SAP applications 16.0 | Affected |
| SUSE Linux Enterprise Server for SAP applications 16.0 | Affected |
| SUSE Linux Enterprise Server for SAP applications 16.1 | Affected |
| SUSE Linux Enterprise Workstation Extension 15 SP7 | Affected |
| SUSE Linux Enterprise Workstation Extension 15 SP7 | Affected |
| SUSE Linux Micro 6.0 | Affected |
| SUSE Linux Micro 6.0 | Affected |
| SUSE Linux Micro 6.0 | Affected |
| SUSE Linux Micro 6.1 | Affected |
| SUSE Linux Micro 6.1 | Affected |
| SUSE Linux Micro 6.1 | Affected |
| SUSE Linux Micro 6.2 | Affected |
| SUSE Linux Micro 6.2 | Affected |
| SUSE Real Time Module 15 SP7 | Affected |
| openSUSE Leap 16.0 | Affected |
| SUSE Linux Enterprise High Performance Computing 15 SP4 | Not-Affected |
| SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS | Not-Affected |
| SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS | Not-Affected |
| SUSE Linux Enterprise High Performance Computing 15 SP5 | Not-Affected |
| SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS | Not-Affected |
| SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS | Not-Affected |
| SUSE Linux Enterprise Live Patching 12 SP5 | Not-Affected |
| SUSE Linux Enterprise Live Patching 12 SP5 | Not-Affected |
| SUSE Linux Enterprise Live Patching 15 SP4 | Not-Affected |
| SUSE Linux Enterprise Live Patching 15 SP4 | Not-Affected |
| SUSE Linux Enterprise Live Patching 15 SP5 | Not-Affected |
| SUSE Linux Enterprise Live Patching 15 SP5 | Not-Affected |
| SUSE Linux Enterprise Module for Basesystem 15 SP4 | Not-Affected |
| SUSE Linux Enterprise Module for Basesystem 15 SP5 | Not-Affected |
| SUSE Linux Enterprise Module for Basesystem 15 SP6 | Affected |
| SUSE Linux Enterprise Module for Development Tools 15 SP4 | Not-Affected |
| SUSE Linux Enterprise Module for Development Tools 15 SP5 | Not-Affected |
| SUSE Linux Enterprise Module for Development Tools 15 SP6 | Affected |
| SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE | Not-Affected |
| SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE | Not-Affected |
| SUSE Linux Enterprise Server 12 SP5 | Not-Affected |
| SUSE Linux Enterprise Server 12 SP5-LTSS | Not-Affected |
| SUSE Linux Enterprise Server 12 SP5-LTSS | Not-Affected |
| SUSE Linux Enterprise Server 12 SP5-LTSS Extended Security | Not-Affected |
| SUSE Linux Enterprise Server 12 SP5-LTSS Extended Security | Not-Affected |
| SUSE Linux Enterprise Server 15 SP4 | Not-Affected |
| SUSE Linux Enterprise Server 15 SP4-LTSS | Not-Affected |
| SUSE Linux Enterprise Server 15 SP4-LTSS | Not-Affected |
| SUSE Linux Enterprise Server 15 SP5 | Not-Affected |
| SUSE Linux Enterprise Server 15 SP5-LTSS | Not-Affected |
| SUSE Linux Enterprise Server 15 SP5-LTSS | Not-Affected |
| SUSE Linux Enterprise Server 15 SP6 | Affected |
| SUSE Linux Enterprise Server 15 SP6-LTSS | Affected |
| SUSE Linux Enterprise Server 15 SP6-LTSS | Affected |
| SUSE Linux Enterprise Server LTSS Extended Security 12 SP5 | Not-Affected |
| SUSE Linux Enterprise Server for SAP Applications 15 SP6 | Affected |
| SUSE Linux Enterprise Server for SAP Applications 15 SP6 | Affected |
| SUSE Manager Proxy 4.3 | Not-Affected |
| SUSE Manager Proxy LTS 4.3 | Not-Affected |
| SUSE Manager Retail Branch Server 4.3 | Not-Affected |
| SUSE Manager Retail Branch Server LTS 4.3 | Not-Affected |
| SUSE Manager Server 4.3 | Not-Affected |
| SUSE Manager Server LTS 4.3 | Not-Affected |
| SUSE CaaS Platform 4.0 | Not-Affected |
| SUSE Enterprise Storage 6 | Not-Affected |
| SUSE Enterprise Storage 7 | Not-Affected |
| SUSE Enterprise Storage 7.1 | Not-Affected |
| SUSE Linux Enterprise Desktop 11 SP4 | Not-Affected |
| SUSE Linux Enterprise Desktop 12 SP4 | Not-Affected |
| SUSE Linux Enterprise Desktop 15 SP1 | Not-Affected |
| SUSE Linux Enterprise Desktop 15 SP2 | Not-Affected |
| SUSE Linux Enterprise Desktop 15 SP3 | Not-Affected |
| SUSE Linux Enterprise Desktop 15 SP4 | Not-Affected |
| SUSE Linux Enterprise Desktop 15 SP5 | Not-Affected |
| SUSE Linux Enterprise Desktop 15 SP6 | Affected |
| SUSE Linux Enterprise High Performance Computing 15 SP1 | Not-Affected |
| SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS | Not-Affected |
| SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS | Not-Affected |
| SUSE Linux Enterprise High Performance Computing 15 SP2 | Not-Affected |
| SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS | Not-Affected |
| SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS | Not-Affected |
| SUSE Linux Enterprise High Performance Computing 15 SP3 | Not-Affected |
| SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS | Not-Affected |
| SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS | Not-Affected |
| SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS | Not-Affected |
| SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS | Not-Affected |
| SUSE Linux Enterprise High Performance Computing 15 SP6 | Affected |
| SUSE Linux Enterprise Micro 5.0 | Not-Affected |
| SUSE Linux Enterprise Micro 5.1 | Not-Affected |
| SUSE Linux Enterprise Micro 5.2 | Not-Affected |
| SUSE Linux Enterprise Micro 5.2 | Not-Affected |
| SUSE Linux Enterprise Module for Basesystem 15 SP1 | Not-Affected |
| SUSE Linux Enterprise Module for Basesystem 15 SP2 | Not-Affected |
| SUSE Linux Enterprise Module for Basesystem 15 SP3 | Not-Affected |
| SUSE Linux Enterprise Module for Development Tools 15 SP1 | Not-Affected |
| SUSE Linux Enterprise Module for Development Tools 15 SP2 | Not-Affected |
| SUSE Linux Enterprise Module for Development Tools 15 SP3 | Not-Affected |
| SUSE Linux Enterprise Real Time 15 SP2 | Not-Affected |
| SUSE Linux Enterprise Real Time 15 SP3 | Not-Affected |
| SUSE Linux Enterprise Real Time 15 SP4 | Not-Affected |
| SUSE Linux Enterprise Real Time 15 SP4 | Not-Affected |
| SUSE Linux Enterprise Real Time 15 SP5 | Not-Affected |
| SUSE Linux Enterprise Server 11 SP4 | Not-Affected |
| SUSE Linux Enterprise Server 11 SP4-LTSS | Not-Affected |
| SUSE Linux Enterprise Server 12 SP4 | Not-Affected |
| SUSE Linux Enterprise Server 12 SP4-ESPOS | Not-Affected |
| SUSE Linux Enterprise Server 12 SP4-LTSS | Not-Affected |
| SUSE Linux Enterprise Server 12 SP4-LTSS | Not-Affected |
| SUSE Linux Enterprise Server 15 SP1 | Not-Affected |
| SUSE Linux Enterprise Server 15 SP1-BCL | Not-Affected |
| SUSE Linux Enterprise Server 15 SP1-LTSS | Not-Affected |
| SUSE Linux Enterprise Server 15 SP1-LTSS | Not-Affected |
| SUSE Linux Enterprise Server 15 SP2 | Not-Affected |
| SUSE Linux Enterprise Server 15 SP2-BCL | Not-Affected |
| SUSE Linux Enterprise Server 15 SP2-LTSS | Not-Affected |
| SUSE Linux Enterprise Server 15 SP2-LTSS | Not-Affected |
| SUSE Linux Enterprise Server 15 SP3 | Not-Affected |
| SUSE Linux Enterprise Server 15 SP3-BCL | Not-Affected |
| SUSE Linux Enterprise Server 15 SP3-LTSS | Not-Affected |
| SUSE Linux Enterprise Server 15 SP3-LTSS | Not-Affected |
| SUSE Linux Enterprise Server for SAP Applications 12 SP4 | Not-Affected |
| SUSE Linux Enterprise Server for SAP Applications 15 SP1 | Not-Affected |
| SUSE Linux Enterprise Server for SAP Applications 15 SP2 | Not-Affected |
| SUSE Linux Enterprise Server for SAP Applications 15 SP3 | Not-Affected |
| SUSE Linux Enterprise Server for SAP Applications 15 SP4 | Not-Affected |
| SUSE Linux Enterprise Server for SAP Applications 15 SP4 | Not-Affected |
| SUSE Linux Enterprise Server for SAP Applications 15 SP5 | Not-Affected |
| SUSE Linux Enterprise Server for SAP Applications 15 SP5 | Not-Affected |
| SUSE Manager Proxy 4.0 | Not-Affected |
| SUSE Manager Proxy 4.1 | Not-Affected |
| SUSE Manager Proxy 4.2 | Not-Affected |
| SUSE Manager Retail Branch Server 4.0 | Not-Affected |
| SUSE Manager Retail Branch Server 4.1 | Not-Affected |
| SUSE Manager Retail Branch Server 4.2 | Not-Affected |
| SUSE Manager Server 4.0 | Not-Affected |
| SUSE Manager Server 4.1 | Not-Affected |
| SUSE Manager Server 4.2 | Not-Affected |
| SUSE OpenStack Cloud 9 | Not-Affected |
| SUSE OpenStack Cloud Crowbar 9 | Not-Affected |
| SUSE Real Time Module 15 SP4 | Not-Affected |
| SUSE Real Time Module 15 SP5 | Not-Affected |
| openSUSE Leap 15.3 | Not-Affected |
| openSUSE Leap 15.4 | Not-Affected |
| openSUSE Leap 15.4 | Not-Affected |
| openSUSE Leap 15.5 | Not-Affected |
| openSUSE Leap 15.5 | Not-Affected |
| openSUSE Leap 15.6 | Affected |
Share
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-32365
GHSA-fm97-7qpp-598c