CVE-2025-22121

ext4: fix out-of-bound read in ext4_xattr_inode_dec_ref_all()

 carnil> Introduced in e50e5129f384 ("ext4: xattr-in-inode support"). Vulnerable
 carnil> versions: 4.13.

Branch	Status
upstream	released (6.15-rc1) [5701875f9609b000d91351eaa6bfd97fe2f157f4]
6.18-upstream-stable	N/A "Fixed before branching point"
6.17-upstream-stable	N/A "Fixed before branching point"
6.12-upstream-stable	released (6.12.59) [098927a13fd918bd7c64c2de905350a1ad7b4a3a]
6.6-upstream-stable	needed
6.1-upstream-stable	needed
5.10-upstream-stable	needed
sid	released (6.16.3-1)
6.12-trixie-security	released (6.12.63-1)
6.1-bookworm-security	needed
5.10-bullseye-security	needed