CVE-2025-40025Linux vulnerability

13 documents7 sources
Severity
6.1MEDIUM
No vector
EPSS
0.0%
top 92.64%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
LinuxLinux KernelDebian Linux+1 more
Timeline
PublishedOct 28
Latest updateDec 11

Description

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on node footer for non inode dnode As syzbot reported below: ------------[ cut here ]------------ kernel BUG at fs/f2fs/file.c:1243! Oops: invalid opcode: 0000 [#1] SMP KASAN NOPTI CPU: 0 UID: 0 PID: 5354 Comm: syz.0.0 Not tainted 6.17.0-rc1-syzkaller-00211-g90d970cade8e #0 PREEMPT(full) RIP: 0010:f2fs_truncate_hole+0x69e/0x6c0 fs/f2fs/file.c:1243 Call Trace: f2fs_punch_hole+0x2db/0x330 fs/f2fs/f

Affected Packages6 packages

Linuxlinux/linux_kernel3.8.06.17.2
Debianlinux/linux_kernel< 6.17.6-1
Ubuntulinux/linux_kernel< 6.17.0-7.7
CVEListV5linux/linux98e4da8ca301e062d79ae168c67e56f3c3de3ce4186098f34b8a5d65eb828f952c8cc56272c60ea0+2

🔴Vulnerability Details

6
OSV
linux-raspi vulnerabilities2025-12-11
OSV
linux-gcp vulnerabilities2025-12-05
OSV
linux, linux-aws, linux-realtime vulnerabilities2025-12-03
GHSA
GHSA-j968-frjr-f6j9: In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on node footer for non inode dnode As syzbot report2025-10-28
OSV
CVE-2025-40025: In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on node footer for non inode dnode As syzbot reported2025-10-28

📋Vendor Advisories

6
Ubuntu
Linux kernel (Raspberry Pi) vulnerabilities2025-12-11
Ubuntu
Linux kernel (GCP) vulnerabilities2025-12-05
Ubuntu
Linux kernel vulnerabilities2025-12-03
Red Hat
kernel: f2fs: fix to do sanity check on node footer for non inode dnode2025-10-28
Microsoft
f2fs: fix to do sanity check on node footer for non inode dnode2025-10-14