CVE Catalog

CVE-2026-45948

MediumCVSS 5.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.16%

5th percentile - higher than 5% of all known CVEs

Summary

A vulnerability has been identified in the Linux kernel within the ext4_ext_shift_extents() function, leading to a memory leak. The issue occurs when the extent pointer is NULL, preventing resource release.

Risk Assessment

Memory leaks can lead to increased resource consumption, potentially affecting system stability and performance over time.

Recommendation

It is recommended to update the Linux kernel to the latest version to address this vulnerability and prevent memory leaks.

Original NVD description (English source)

In the Linux kernel, the following vulnerability has been resolved: ext4: fix memory leak in ext4_ext_shift_extents() In ext4_ext_shift_extents(), if the extent is NULL in the while loop, the function returns immediately without releasing the path obtained via ext4_find_extent(), leading to a memory leak. Fix this by jumping to the out label to ensure the path is properly released.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS