VYPR
Medium severity5.5NVD Advisory· Published May 27, 2026· Updated Jun 16, 2026

CVE-2026-46046

CVE-2026-46046

Description

In the Linux kernel, the following vulnerability has been resolved:

ext4: fix missing brelse() in ext4_xattr_inode_dec_ref_all()

The commit c8e008b60492 ("ext4: ignore xattrs past end") introduced a refcount leak in when block_csum is false.

ext4_xattr_inode_dec_ref_all() calls ext4_get_inode_loc() to get iloc.bh, but never releases it with brelse().

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

5

Patches

Vulnerability mechanics

References

8

News mentions

0

No linked articles in our index yet.