{"vulnerability": "CVE-2025-22121", "sightings": [{"uuid": "39d4c14a-d800-4bde-ae41-bf2691ad25b0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22121", "type": "seen", "source": "Telegram/VAb3zzagTn6lQbft5tz1fytQ8Ohgykhy9DuLCcxvkLhSx6o", "content": "", "creation_timestamp": "2026-01-11T18:01:59.000000Z"}, {"uuid": "c5381095-0bf8-437c-9301-bad69f3ed497", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-22121", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "f8fb0ba9-b42a-44e5-8585-557f9f8353cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-22121", "type": "seen", "source": "https://www.hkcert.org/security-bulletin/ubuntu-linux-kernel-multiple-vulnerabilities_20260408", "content": "", "creation_timestamp": "2026-04-07T18:00:00.000000Z"}, {"uuid": "813e4495-4209-4b7a-9615-efe2e77efea2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-22121", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0397/", "content": "", "creation_timestamp": "2026-04-02T17:00:00.000000Z"}, {"uuid": "f737bc15-d2e7-4a65-abc6-e3a9ca76721d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2025-22121", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8", "content": "", "creation_timestamp": "2025-12-03T14:14:49.267740Z"}, {"uuid": "3cefb59b-a040-4f1c-a635-8452dc7b3eb4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22121", "type": "seen", "source": "https://t.me/cvedetector/23122", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-22121 - Linux Kernel ext4 Use-After-Free Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-22121 \nPublished : April 16, 2025, 3:16 p.m. | 23\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \next4: fix out-of-bound read in ext4_xattr_inode_dec_ref_all()  \n  \nThere's issue as follows:  \nBUG: KASAN: use-after-free in ext4_xattr_inode_dec_ref_all+0x6ff/0x790  \nRead of size 4 at addr ffff88807b003000 by task syz-executor.0/15172  \n  \nCPU: 3 PID: 15172 Comm: syz-executor.0  \nCall Trace:  \n __dump_stack lib/dump_stack.c:82 [inline]  \n dump_stack+0xbe/0xfd lib/dump_stack.c:123  \n print_address_description.constprop.0+0x1e/0x280 mm/kasan/report.c:400  \n __kasan_report.cold+0x6c/0x84 mm/kasan/report.c:560  \n kasan_report+0x3a/0x50 mm/kasan/report.c:585  \n ext4_xattr_inode_dec_ref_all+0x6ff/0x790 fs/ext4/xattr.c:1137  \n ext4_xattr_delete_inode+0x4c7/0xda0 fs/ext4/xattr.c:2896  \n ext4_evict_inode+0xb3b/0x1670 fs/ext4/inode.c:323  \n evict+0x39f/0x880 fs/inode.c:622  \n iput_final fs/inode.c:1746 [inline]  \n iput fs/inode.c:1772 [inline]  \n iput+0x525/0x6c0 fs/inode.c:1758  \n ext4_orphan_cleanup fs/ext4/super.c:3298 [inline]  \n ext4_fill_super+0x8c57/0xba40 fs/ext4/super.c:5300  \n mount_bdev+0x355/0x410 fs/super.c:1446  \n legacy_get_tree+0xfe/0x220 fs/fs_context.c:611  \n vfs_get_tree+0x8d/0x2f0 fs/super.c:1576  \n do_new_mount fs/namespace.c:2983 [inline]  \n path_mount+0x119a/0x1ad0 fs/namespace.c:3316  \n do_mount+0xfc/0x110 fs/namespace.c:3329  \n __do_sys_mount fs/namespace.c:3540 [inline]  \n __se_sys_mount+0x219/0x2e0 fs/namespace.c:3514  \n do_syscall_64+0x33/0x40 arch/x86/entry/common.c:46  \n entry_SYSCALL_64_after_hwframe+0x67/0xd1  \n  \nMemory state around the buggy address:  \n ffff88807b002f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  \n ffff88807b002f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  \n>ffff88807b003000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff  \n                   ^  \n ffff88807b003080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff  \n ffff88807b003100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff  \n  \nAbove issue happens as ext4_xattr_delete_inode() isn't check xattr  \nis valid if xattr is in inode.  \nTo solve above issue call xattr_check_inode() check if xattr if valid  \nin inode. In fact, we can directly verify in ext4_iget_extra_inode(),  \nso that there is no divergent verification. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"16 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-16T17:43:48.000000Z"}]}