QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2025-68820

Back to search

CVE-2025-68820

Published: Jan 13, 2026

Modified: May 23, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: ext4: xattr: fix null pointer deref in ext4_raw_inode() If ext4_get_inode_loc() fails (e.g. if it returns -EFSCORRUPTED), iloc.bh will remain set to NULL. Since ext4_xattr_inode_dec_ref_all() lacks error checking, this will lead to a null pointer dereference in ext4_raw_inode(), called right after ext4_get_inode_loc(). Found by Linux Verification Center (linuxtesting.org) with SVACE.

VendorProductVersions

Linux

Linux

affected
76c365fa7e2a8bb85f0190cdb4b8cdc99b2fdce3 - < b72a3476f0c97d02f63a6e9fff127348d55436f6
affected
f737418b6de31c962c7192777ee4018906975383 - < 3d8d22e75f7edfa0b30ff27330fd6a1285d594c3
affected
cf9291a3449b04688b81e32621e88de8f4314b54 - < 190ad0f22ba49f1101182b80e3af50ca2ddfe72f
affected
362a90cecd36e8a5c415966d0b75b04a0270e4dd - < b5d942922182e82724b7152cb998f540132885ec
affected
eb59cc31b6ea076021d14b04e7faab1636b87d0e - < 5b154e901fda2e98570b8f426a481f5740097dc2

+13 more versions

Linux

Linux

affected
6.15
unaffected
0 - < 6.15
unaffected
5.10.248 - <= 5.10.*
unaffected
5.15.198 - <= 5.15.*
unaffected
6.1.160 - <= 6.1.*

+4 more versions

References

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now