CVE-2025-40190
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
12/11/2025
Last modified:
12/11/2025
Description
In the Linux kernel, the following vulnerability has been resolved:<br />
<br />
ext4: guard against EA inode refcount underflow in xattr update<br />
<br />
syzkaller found a path where ext4_xattr_inode_update_ref() reads an EA<br />
inode refcount that is already
Impact
References to Advisories, Solutions, and Tools
- https://git.kernel.org/stable/c/1cfb3e4ddbdc8e02e637b8852540bd4718bf4814
- https://git.kernel.org/stable/c/3d6269028246f4484bfed403c947a114bb583631
- https://git.kernel.org/stable/c/440b003f449a4ff2a00b08c8eab9ba5cd28f3943
- https://git.kernel.org/stable/c/505e69f76ac497e788f4ea0267826ec7266b40c8
- https://git.kernel.org/stable/c/57295e835408d8d425bef58da5253465db3d6888
- https://git.kernel.org/stable/c/6b879c4c6bbaab03c0ad2a983953bd1410bb165e
- https://git.kernel.org/stable/c/79ea7f3e11effe1bd9e753172981d9029133a278
- https://git.kernel.org/stable/c/ea39e712c2f5ae148ee5515798ae03523673e002