What the vulnerability does

01Description

A use-after-free vulnerability was found in the Linux kernel's ext4 filesystem in the way it handled the extra inode size for extended attributes. This flaw could allow a privileged local user to cause a system crash or other undefined behaviors.

Key dates

02Disclosure timeline

May 8, 2023 CVE published
April 23, 2025 Record updated