CVE-2026-23145 - Vulnerability Details

- ext4: fix iloc.bh leak in ext4_xattr_inode_update_ref

Description

In the Linux kernel, the following vulnerability has been resolved:

ext4: fix iloc.bh leak in ext4_xattr_inode_update_ref

The error branch for ext4_xattr_inode_update_ref forget to release the
refcount for iloc.bh. Find this when review code.

Published: 2026-02-14

Score: 5.5 Medium

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

Impact

This vulnerability originates from a missing reference count decrement in the ext4_xattr_inode_update_ref routine, which can cause reference count leaks for the inode locality buffer (iloc.bh). The leak can accumulate unaddressed resources, potentially leading to memory exhaustion or degraded filesystem performance. The weakness is a classic memory management defect (CWE-401).

Affected Systems

Affected systems are Linux kernels that contain the vulnerable code prior to the fix. The CPE data indicates that the 6.19 release candidates (rc1 through rc5) are impacted, and any kernel variants derived from the generic Linux:Linux product that include those release candidates are also vulnerable. Systems still running these kernels without the applied patch are at risk.

Risk and Exploitability

The CVSS score is 5.5, indicating moderate risk, while the EPSS score is below 1%, implying a very low likelihood of exploitation in the wild. The vulnerability is not listed in the CISA KEV catalog. The impact requires execution of ext4 extended attribute operations, which generally requires root or privileged access. Therefore the likely attack vector is local privileged use, and while a remote vector is not indicated, an attacker with sufficient access could trigger the leak repeatedly, leading to resource exhaustion over time.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Linux

unaffected

Version	Status	Constraints
`1cfb3e4ddbdc8e02e637b8852540bd4718bf4814`	affected	< 7c9f059c3d531a12d7ad96cd34a44b8af7c00d5f
`505e69f76ac497e788f4ea0267826ec7266b40c8`	affected	< 6241cd1d0acc2363016ac55b8773ba1332dd59d7
`3d6269028246f4484bfed403c947a114bb583631`	affected	< 3b00c16e42428a1ecd3a5eb9cc37f8ad9bd47626
`79ea7f3e11effe1bd9e753172981d9029133a278`	affected	< 0b06cde92f2f960f4ebe3c988c69f2711f2a24dc
`6b879c4c6bbaab03c0ad2a983953bd1410bb165e`	affected	< 8e8542c539927ae3898a4d02941f84e252e2dea1
`57295e835408d8d425bef58da5253465db3d6888`	affected	< 06e26287f2e349a28ad363941ffd9076bfed8b2e
`57295e835408d8d425bef58da5253465db3d6888`	affected	< d250bdf531d9cd4096fedbb9f172bb2ca660c868
`ea39e712c2f5ae148ee5515798ae03523673e002`	affected	—
`440b003f449a4ff2a00b08c8eab9ba5cd28f3943`	affected	—

Linux

affected

Version	Status	Constraints
`6.18`	affected	—
`0`	unaffected	< 6.18
`5.10.249`	unaffected	≤ 5.10.*
`5.15.199`	unaffected	≤ 5.15.*
`6.1.162`	unaffected	≤ 6.1.*
`6.6.122`	unaffected	≤ 6.6.*
`6.12.67`	unaffected	≤ 6.12.*
`6.18.7`	unaffected	≤ 6.18.*
`6.19`	unaffected	≤ *

Configuration 1 [-]

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel:6.19:rc1::::::
	cpe:2.3:o:linux:linux_kernel:6.19:rc2::::::
	cpe:2.3:o:linux:linux_kernel:6.19:rc3::::::
	cpe:2.3:o:linux:linux_kernel:6.19:rc4::::::
	cpe:2.3:o:linux:linux_kernel:6.19:rc5::::::

No data.

Vendor Product Confidence Versions

Linux

Linux Kernel

—

Version	Status	Scheme	Platform
`[1cfb3e4ddbdc8e02e637b8852540bd4718bf4814,7c9f059c3d531a12d7ad96cd34a44b8af7c00d5f)`	affected	code_commit	—
`[505e69f76ac497e788f4ea0267826ec7266b40c8,6241cd1d0acc2363016ac55b8773ba1332dd59d7)`	affected	code_commit	—
`[3d6269028246f4484bfed403c947a114bb583631,3b00c16e42428a1ecd3a5eb9cc37f8ad9bd47626)`	affected	code_commit	—
`[79ea7f3e11effe1bd9e753172981d9029133a278,0b06cde92f2f960f4ebe3c988c69f2711f2a24dc)`	affected	code_commit	—
`[6b879c4c6bbaab03c0ad2a983953bd1410bb165e,8e8542c539927ae3898a4d02941f84e252e2dea1)`	affected	code_commit	—
`[57295e835408d8d425bef58da5253465db3d6888,06e26287f2e349a28ad363941ffd9076bfed8b2e)`	affected	code_commit	—
`[57295e835408d8d425bef58da5253465db3d6888,d250bdf531d9cd4096fedbb9f172bb2ca660c868)`	affected	code_commit	—
`ea39e712c2f5ae148ee5515798ae03523673e002`	affected	code_commit	—
`440b003f449a4ff2a00b08c8eab9ba5cd28f3943`	affected	code_commit	—

Linux

Linux Kernel

—

Version	Status	Scheme	Platform
`6.18`	affected	semver	—
`[0,6.18)`	unaffected	semver	—
`[5.10.249,5.11.0)`	unaffected	semver	—
`[5.15.199,5.16.0)`	unaffected	semver	—
`[6.1.162,6.2.0)`	unaffected	semver	—
`[6.6.122,6.7.0)`	unaffected	semver	—
`[6.12.67,6.13.0)`	unaffected	semver	—
`[6.18.7,6.19.0)`	unaffected	semver	—
`[6.19,*]`	unaffected	semver	—

Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

Upgrade the kernel to a release that contains the fix, such as Linux kernel 6.19 rc6 or later, or the latest stable 6.19.x.
If upgrading is not immediately possible, avoid performing extended attribute operations on files in affected filesystems until the kernel is patched.
As a supplementary measure, monitor system memory usage and kernel logs for signs of iloc.bh leaks; consider applying mitigations such as system reboot or temporary disabling of ext4 extended attributes if the leak causes instability.

Generated by OpenCVE AI on April 18, 2026 at 12:21 UTC.

Tracking

Sign in to view the affected projects.

Advisories

Source	ID	Title
Ubuntu USN	USN-8162-1	Linux kernel (NVIDIA Tegra) vulnerabilities
Ubuntu USN	USN-8180-1	Linux kernel vulnerabilities
Ubuntu USN	USN-8180-2	Linux kernel (FIPS) vulnerabilities
Ubuntu USN	USN-8186-1	Linux kernel (Real-time) vulnerabilities
Ubuntu USN	USN-8187-1	Linux kernel (NVIDIA) vulnerabilities
Ubuntu USN	USN-8188-1	Linux kernel (HWE) vulnerabilities

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00015.

Key SSVC decision points have not yet been added.

References

Link	Providers
https://git.kernel.org/stable/c/06e26287f2e349a28ad363941ffd9076bfed8b2e
https://git.kernel.org/stable/c/0b06cde92f2f960f4ebe3c988c69f2711f2a24dc
https://git.kernel.org/stable/c/3b00c16e42428a1ecd3a5eb9cc37f8ad9bd47626
https://git.kernel.org/stable/c/6241cd1d0acc2363016ac55b8773ba1332dd59d7
https://git.kernel.org/stable/c/7c9f059c3d531a12d7ad96cd34a44b8af7c00d5f
https://git.kernel.org/stable/c/8e8542c539927ae3898a4d02941f84e252e2dea1
https://git.kernel.org/stable/c/d250bdf531d9cd4096fedbb9f172bb2ca660c868
https://lore.kernel.org/linux-cve-announce/2026021417-CVE-2026-23145-0c0b@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2026-23145
https://www.cve.org/CVERecord?id=CVE-2026-23145

History

Tue, 17 Mar 2026 21:15:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-401
CPEs		cpe:2.3:o:linux:linux_kernel:6.19:rc1:::::: cpe:2.3:o:linux:linux_kernel:6.19:rc2:::::: cpe:2.3:o:linux:linux_kernel:6.19:rc3:::::: cpe:2.3:o:linux:linux_kernel:6.19:rc4:::::: cpe:2.3:o:linux:linux_kernel:6.19:rc5::::::

Mon, 16 Feb 2026 12:15:00 +0000

Type	Values Removed	Values Added
References		https://lore.kernel.org/linux-cve-announce/2026021417-CVE-2026-23145-0c0b@gregkh/T https://nvd.nist.gov/vuln/detail/CVE-2026-23145 https://www.cve.org/CVERecord?id=CVE-2026-23145
Metrics	threat_severity `None`	cvssV3_1 `{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}` threat_severity `Low`

Sat, 14 Feb 2026 15:45:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: ext4: fix iloc.bh leak in ext4_xattr_inode_update_ref The error branch for ext4_xattr_inode_update_ref forget to release the refcount for iloc.bh. Find this when review code.
Title		ext4: fix iloc.bh leak in ext4_xattr_inode_update_ref
First Time appeared		Linux Linux linux Kernel
CPEs		cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products		Linux Linux linux Kernel
References		https://git.kernel.org/stable/c/06e26287f2e349a28ad363941ffd9076bfed8b2e https://git.kernel.org/stable/c/0b06cde92f2f960f4ebe3c988c69f2711f2a24dc https://git.kernel.org/stable/c/3b00c16e42428a1ecd3a5eb9cc37f8ad9bd47626 https://git.kernel.org/stable/c/6241cd1d0acc2363016ac55b8773ba1332dd59d7 https://git.kernel.org/stable/c/7c9f059c3d531a12d7ad96cd34a44b8af7c00d5f https://git.kernel.org/stable/c/8e8542c539927ae3898a4d02941f84e252e2dea1 https://git.kernel.org/stable/c/d250bdf531d9cd4096fedbb9f172bb2ca660c868

Subscriptions

Linux Linux Kernel

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2026-02-14T15:36:10.207Z

Updated: 2026-02-14T15:36:10.207Z

Reserved: 2026-01-13T15:37:45.974Z

Link: CVE-2026-23145

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2026-02-14T16:15:54.597

Modified: 2026-03-17T21:13:17.667

Link: CVE-2026-23145

Redhat

Severity : Low

Publid Date: 2026-02-14T00:00:00Z

Links: CVE-2026-23145 - Bugzilla

OpenCVE Enrichment

Updated: 2026-04-18T12:30:45Z

Weaknesses

CWE-401

Impact

Affected Systems

Risk and Exploitability

Tracking

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object