CVE-2026-45948
MediumCVSS 5.5Exploitation Probability (EPSS)
Low risk5th percentile - higher than 5% of all known CVEs
Summary
A vulnerability has been identified in the Linux kernel within the ext4_ext_shift_extents() function, leading to a memory leak. The issue occurs when the extent pointer is NULL, preventing resource release.
Risk Assessment
Memory leaks can lead to increased resource consumption, potentially affecting system stability and performance over time.
Recommendation
It is recommended to update the Linux kernel to the latest version to address this vulnerability and prevent memory leaks.
Original NVD description (English source)
In the Linux kernel, the following vulnerability has been resolved: ext4: fix memory leak in ext4_ext_shift_extents() In ext4_ext_shift_extents(), if the extent is NULL in the while loop, the function returns immediately without releasing the path obtained via ext4_find_extent(), leading to a memory leak. Fix this by jumping to the out label to ensure the path is properly released.

