CVE-2025-40150

NONE EPSS 11.6%
Published Nov 12, 20257mo ago · Modified Jun 17, 20262w ago
Find Similar
Published Nov 12, 2025 7mo ago
Last Modified Jun 17, 2026 2w ago

Description

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid migrating empty section It reports a bug from device w/ zufs: F2FS-fs (dm-64): Inconsistent segment (173822) type [1, 0] in SSA and SIT F2FS-fs (dm-64): Stopped filesystem due to reason: 4 Thread A Thread B - f2fs_expand_inode_data - f2fs_allocate_pinning_section - f2fs_gc_range - do_garbage_collect w/ segno #x - writepage - f2fs_allocate_data_block - new_curseg - allocate segno #x The root cause is: fallocate on pinning file may race w/ block allocation as above, result in do_garbage_collect() from fallocate() may migrate segment which is just allocated by a log, the log will update segment type in its in-memory structure, however GC will get segment type from on-disk SSA block, once segment type changes by log, we can detect such inconsistency, then shutdown filesystem. In this case, on-disk SSA shows type of segno #173822 is 1 (SUM_TYPE_NODE), however segno #173822 was just allocated as data type segment, so in-memory SIT shows type of segno #173822 is 0 (SUM_TYPE_DATA). Change as below to fix this issue: - check whether current section is empty before gc - add sanity checks on do_garbage_collect() to avoid any race case, result in migrating segment used by log. - btw, it fixes misc issue in printed logs: "SSA and SIT" -> "SIT and SSA".

Threat Intelligence

EPSS Exploit Probability
11.6% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

References 4

  • git.kernel.org https://git.kernel.org/stable/c/25d2dc669f2a7e48b335d1cb07139f2ffc9fe5df
  • git.kernel.org https://git.kernel.org/stable/c/d625a2b08c089397d3a03bff13fa8645e4ec7a01
  • git.kernel.org https://git.kernel.org/stable/c/db489778e6f2a4034c2cd26fadda2796eba24dcd
  • git.kernel.org https://git.kernel.org/stable/c/eec1589be36fcf7440755703e4faeee2c01e360b

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.