CVE-2025-68820
- Source
- https://cve.org/CVERecord?id=CVE-2025-68820
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-68820.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2025-68820
- Downstream
- Related
- Published
- 2026-01-13T15:29:23.351Z
- Modified
- 2026-03-28T17:44:34.911902772Z
- Summary
- ext4: xattr: fix null pointer deref in ext4_raw_inode()
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
ext4: xattr: fix null pointer deref in ext4rawinode()
If ext4getinodeloc() fails (e.g. if it returns -EFSCORRUPTED), iloc.bh will remain set to NULL. Since ext4xattrinodedecrefall() lacks error checking, this will lead to a null pointer dereference in ext4rawinode(), called right after ext4getinode_loc().
Found by Linux Verification Center (linuxtesting.org) with SVACE.
- Database specific
{ "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/68xxx/CVE-2025-68820.json", "cna_assigner": "Linux" }- References
-
- https://git.kernel.org/stable/c/190ad0f22ba49f1101182b80e3af50ca2ddfe72f
- https://git.kernel.org/stable/c/3d8d22e75f7edfa0b30ff27330fd6a1285d594c3
- https://git.kernel.org/stable/c/5b154e901fda2e98570b8f426a481f5740097dc2
- https://git.kernel.org/stable/c/b5d942922182e82724b7152cb998f540132885ec
- https://git.kernel.org/stable/c/b72a3476f0c97d02f63a6e9fff127348d55436f6
- https://git.kernel.org/stable/c/b97cb7d6a051aa6ebd57906df0e26e9e36c26d14
- https://git.kernel.org/stable/c/ce5f54c065a4a7cbb92787f4f140917112350142
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/68xxx/CVE-2025-68820.json
- https://nvd.nist.gov/vuln/detail/CVE-2025-68820
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced76c365fa7e2a8bb85f0190cdb4b8cdc99b2fdce3Fixedb72a3476f0c97d02f63a6e9fff127348d55436f6
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducedf737418b6de31c962c7192777ee4018906975383Fixed3d8d22e75f7edfa0b30ff27330fd6a1285d594c3
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducedcf9291a3449b04688b81e32621e88de8f4314b54Fixed190ad0f22ba49f1101182b80e3af50ca2ddfe72f
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced362a90cecd36e8a5c415966d0b75b04a0270e4ddFixedb5d942922182e82724b7152cb998f540132885ec
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducedeb59cc31b6ea076021d14b04e7faab1636b87d0eFixed5b154e901fda2e98570b8f426a481f5740097dc2
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducedc8e008b60492cf6fd31ef127aea6d02fd3d314cdFixedce5f54c065a4a7cbb92787f4f140917112350142Fixedb97cb7d6a051aa6ebd57906df0e26e9e36c26d14
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affected6aff941cb0f7d0c897c3698ad2e30672709135e3Last affected3bc6317033f365ce578eb6039445fb66162722fdLast affected836e625b03a666cf93ff5be328c8cb30336db872
Linux / Kernel
Package
- Name
- Kernel
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed5.10.248
- Type
- ECOSYSTEM
- Events
-
Introduced5.11.0Fixed5.15.198
- Type
- ECOSYSTEM
- Events
-
Introduced5.16.0Fixed6.1.160
- Type
- ECOSYSTEM
- Events
-
Introduced6.2.0Fixed6.6.120
- Type
- ECOSYSTEM
- Events
-
Introduced6.7.0Fixed6.12.64
- Type
- ECOSYSTEM
- Events
-
Introduced6.13.0Fixed6.18.3