CVE-2026-45948
ext4: fix memory leak in ext4_ext_shift_extents()
Description
In the Linux kernel, the following vulnerability has been resolved: ext4: fix memory leak in ext4_ext_shift_extents() In ext4_ext_shift_extents(), if the extent is NULL in the while loop, the function returns immediately without releasing the path obtained via ext4_find_extent(), leading to a memory leak. Fix this by jumping to the out label to ensure the path is properly released.
INFO
Published Date :
May 27, 2026, 2:17 p.m.
Last Modified :
May 27, 2026, 2:48 p.m.
Remotely Exploit :
No
Source :
416baaa9-dc9f-4396-8d5f-8c081fb06d67
Solution
- Apply the fix to ext4_ext_shift_extents() function.
- Ensure path is released in ext4_ext_shift_extents().
References to Advisories, Solutions, and Tools
Here, you will find a curated list of external links that provide in-depth
information, practical solutions, and valuable tools related to
CVE-2026-45948.
CWE - Common Weakness Enumeration
While CVE identifies
specific instances of vulnerabilities, CWE categorizes the common flaws or
weaknesses that can lead to vulnerabilities. CVE-2026-45948 is
associated with the following CWEs:
Common Attack Pattern Enumeration and Classification (CAPEC)
Common Attack Pattern Enumeration and Classification
(CAPEC)
stores attack patterns, which are descriptions of the common attributes and
approaches employed by adversaries to exploit the CVE-2026-45948
weaknesses.
We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).
Results are limited to the first 15 repositories due to potential performance issues.
The following list is the news that have been mention
CVE-2026-45948 vulnerability anywhere in the article.
The following table lists the changes that have been made to the
CVE-2026-45948 vulnerability over time.
Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.
-
New CVE Received by 416baaa9-dc9f-4396-8d5f-8c081fb06d67
May. 27, 2026
Action Type Old Value New Value Added Description In the Linux kernel, the following vulnerability has been resolved: ext4: fix memory leak in ext4_ext_shift_extents() In ext4_ext_shift_extents(), if the extent is NULL in the while loop, the function returns immediately without releasing the path obtained via ext4_find_extent(), leading to a memory leak. Fix this by jumping to the out label to ensure the path is properly released. Added Reference https://git.kernel.org/stable/c/12615ab4bfb69678e5d961b28bb70040299e51b1 Added Reference https://git.kernel.org/stable/c/1bce219ee5512cf179ba40cf114945a14a16e21f Added Reference https://git.kernel.org/stable/c/2f4b1052246ca646bb17bfe0f53df2fdf9729b58 Added Reference https://git.kernel.org/stable/c/4a79fde8db7eba7f1128d971ceba4e3c9ac84aec Added Reference https://git.kernel.org/stable/c/7e807cb8603b7664fa630a696cd891d9a03c248d Added Reference https://git.kernel.org/stable/c/afc5e61e1a07b2b833bd72cbee36ecce9cd901e2 Added Reference https://git.kernel.org/stable/c/bd7b52557e4a3ccd7595fdb3a585f1257de57935 Added Reference https://git.kernel.org/stable/c/ca81109d4a8f192dc1cbad4a1ee25246363c2833