CVE-2025-22120

MEDIUM EPSS 5.1%
Published Apr 16, 20251y ago · Modified Jun 17, 20261w ago
5.5 CVSS 3.1
Medium
Find Similar
Published Apr 16, 2025 1y ago
Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: ext4: goto right label 'out_mmap_sem' in ext4_setattr() Otherwise, if ext4_inode_attach_jinode() fails, a hung task will happen because filemap_invalidate_unlock() isn't called to unlock mapping->invalidate_lock. Like this: EXT4-fs error (device sda) in ext4_setattr:5557: Out of memory INFO: task fsstress:374 blocked for more than 122 seconds. Not tainted 6.14.0-rc1-next-20250206-xfstests-dirty #726 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:fsstress state:D stack:0 pid:374 tgid:374 ppid:373 task_flags:0x440140 flags:0x00000000 Call Trace: <TASK> __schedule+0x2c9/0x7f0 schedule+0x27/0xa0 schedule_preempt_disabled+0x15/0x30 rwsem_down_read_slowpath+0x278/0x4c0 down_read+0x59/0xb0 page_cache_ra_unbounded+0x65/0x1b0 filemap_get_pages+0x124/0x3e0 filemap_read+0x114/0x3d0 vfs_read+0x297/0x360 ksys_read+0x6c/0xe0 do_syscall_64+0x4b/0x110 entry_SYSCALL_64_after_hwframe+0x76/0x7e

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
5.1% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Affected Products 3

VendorProductVersionRange
linuxlinux_kernel*≥6.6.70  –  <6.6.89
linuxlinux_kernel*≥6.12.5  –  <6.12.26
linuxlinux_kernel*≥6.13  –  <6.14.2

References 4

  • git.kernel.org https://git.kernel.org/stable/c/32d872e3905746ff1048078256cb00f946b97d8a
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/45314999f950321a341033ae8f9ac12dce40669b
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/551667f99bcf04fa58594d7d19aef73c861a1200
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/7e91ae31e2d264155dfd102101afc2de7bd74a64
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/32d872e3905746ff1048078256cb00f946b97d8a
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/45314999f950321a341033ae8f9ac12dce40669b
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/551667f99bcf04fa58594d7d19aef73c861a1200
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/7e91ae31e2d264155dfd102101afc2de7bd74a64
    Patch