Vulnerability in Linux

CVE-2025-40167

In the Linux kernel, the following vulnerability has been resolved: ext4: detect invalid INLINE_DATA + EXTENTS flag combination syzbot reported a BUG_ON in ext4_es_cache_extent() when opening a verity file on a corrupted ext4 filesystem…

EPSS: 0.002 (6.8th percentile) — read the EPSS interpretation.

Affected products

  • Linux — versions f19d5870cbf72d4cb2a8e1f749dff97af99b071e, 3.8, 0

References