QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2026-46046

Back to search

CVE-2026-46046

Published: May 27, 2026

Modified: Jun 1, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: ext4: fix missing brelse() in ext4_xattr_inode_dec_ref_all() The commit c8e008b60492 ("ext4: ignore xattrs past end") introduced a refcount leak in when block_csum is false. ext4_xattr_inode_dec_ref_all() calls ext4_get_inode_loc() to get iloc.bh, but never releases it with brelse().

VendorProductVersions

Linux

Linux

affected
76c365fa7e2a8bb85f0190cdb4b8cdc99b2fdce3 - < dd98a5603a212ea9c96c6982ccdbcc748fdb9a56
affected
f737418b6de31c962c7192777ee4018906975383 - < 153ab2c52355fbebcae622db8e7b506492c73a29
affected
cf9291a3449b04688b81e32621e88de8f4314b54 - < b706d00206a9e82362a9633efbd8b5775650169b
affected
362a90cecd36e8a5c415966d0b75b04a0270e4dd - < 1bc1107a3a403a6d440673ed6666f7b07ef868a8
affected
eb59cc31b6ea076021d14b04e7faab1636b87d0e - < 097227f1ffe1a85bc3c359f81c71e3d40e06e920

+14 more versions

Linux

Linux

affected
6.15
unaffected
0 - < 6.15
unaffected
5.10.258 - <= 5.10.*
unaffected
5.15.209 - <= 5.15.*
unaffected
6.1.175 - <= 6.1.*

+5 more versions

References

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now