CVE-2025-71072 — Detection of Error Condition Without Action in Linux
Severity
5.5MEDIUMNVD
EPSS
0.0%
top 95.61%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedJan 13
Latest updateApr 17
Description
In the Linux kernel, the following vulnerability has been resolved:
shmem: fix recovery on rename failures
maple_tree insertions can fail if we are seriously short on memory;
simple_offset_rename() does not recover well if it runs into that.
The same goes for simple_offset_rename_exchange().
Moreover, shmem_whiteout() expects that if it succeeds, the caller will
progress to d_move(), i.e. that shmem_rename2() won't fail past the
successful call of shmem_whiteout().
Not hard to fix, fortunate…
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6
Affected Packages15 packages
▶CVEListV5linux/linuxa2e459555c5f9da3e619b7e47a63f98574dc75f1 — 4b0fe71fb3965d0db83cdfc2f4fe0b3227d70113+3
Patches
🔴Vulnerability Details
3OSV▶
CVE-2025-71072: In the Linux kernel, the following vulnerability has been resolved: shmem: fix recovery on rename failures maple_tree insertions can fail if we are se↗2026-01-13
GHSA▶
GHSA-2j2j-fmxq-39xm: In the Linux kernel, the following vulnerability has been resolved:
shmem: fix recovery on rename failures
maple_tree insertions can fail if we are↗2026-01-13