CVE-2026-45948 PUBLISHED

ext4: fix memory leak in ext4_ext_shift_extents()

Assigner: Linux
Reserved: 13.05.2026 Published: 27.05.2026 Updated: 27.05.2026

In the Linux kernel, the following vulnerability has been resolved:

ext4: fix memory leak in ext4_ext_shift_extents()

In ext4_ext_shift_extents(), if the extent is NULL in the while loop, the function returns immediately without releasing the path obtained via ext4_find_extent(), leading to a memory leak.

Fix this by jumping to the out label to ensure the path is properly released.

Product Status

Vendor Linux
Product Linux
Versions Default: unaffected
  • affected from a18ed359bdddcded4f97ff5e2f07793ff9336913 to 7e807cb8603b7664fa630a696cd891d9a03c248d (excl.)
  • affected from a18ed359bdddcded4f97ff5e2f07793ff9336913 to afc5e61e1a07b2b833bd72cbee36ecce9cd901e2 (excl.)
  • affected from a18ed359bdddcded4f97ff5e2f07793ff9336913 to 1bce219ee5512cf179ba40cf114945a14a16e21f (excl.)
  • affected from a18ed359bdddcded4f97ff5e2f07793ff9336913 to 4a79fde8db7eba7f1128d971ceba4e3c9ac84aec (excl.)
  • affected from a18ed359bdddcded4f97ff5e2f07793ff9336913 to 2f4b1052246ca646bb17bfe0f53df2fdf9729b58 (excl.)
  • affected from a18ed359bdddcded4f97ff5e2f07793ff9336913 to 12615ab4bfb69678e5d961b28bb70040299e51b1 (excl.)
  • affected from a18ed359bdddcded4f97ff5e2f07793ff9336913 to bd7b52557e4a3ccd7595fdb3a585f1257de57935 (excl.)
  • affected from a18ed359bdddcded4f97ff5e2f07793ff9336913 to ca81109d4a8f192dc1cbad4a1ee25246363c2833 (excl.)
Vendor Linux
Product Linux
Versions Default: affected
  • Version 3.15 is affected
  • unaffected from 0 to 3.15 (excl.)
  • unaffected from 5.10.252 to 5.10.* (incl.)
  • unaffected from 5.15.202 to 5.15.* (incl.)
  • unaffected from 6.1.165 to 6.1.* (incl.)
  • unaffected from 6.6.128 to 6.6.* (incl.)
  • unaffected from 6.12.75 to 6.12.* (incl.)
  • unaffected from 6.18.14 to 6.18.* (incl.)
  • unaffected from 6.19.4 to 6.19.* (incl.)
  • unaffected from 7.0 to * (incl.)

References