CVE-2025-71292

MEDIUM EPSS 2.8%
Published May 6, 20261mo ago · Modified Jun 17, 20262w ago
5.5 CVSS 3.1
Medium
Find Similar
Published May 6, 2026 1mo ago
Last Modified Jun 17, 2026 2w ago

Description

In the Linux kernel, the following vulnerability has been resolved: jfs: nlink overflow in jfs_rename If nlink is maximal for a directory (-1) and inside that directory you perform a rename for some child directory (not moving from the parent), then the nlink of the first directory is first incremented and later decremented. Normally this is fine, but when nlink = -1 this causes a wrap around to 0, and then drop_nlink issues a warning. After applying the patch syzbot no longer issues any warnings. I also ran some basic fs tests to look for any regressions.

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
2.8% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Affected Products 13

VendorProductVersionRange
linuxlinux_kernel*≥2.6.12.1  –  <5.10.252
linuxlinux_kernel*≥5.11  –  <5.15.202
linuxlinux_kernel*≥5.16  –  <6.1.165
linuxlinux_kernel*≥6.2  –  <6.6.128
linuxlinux_kernel*≥6.7  –  <6.12.75
linuxlinux_kernel*≥6.13  –  <6.18.16
linuxlinux_kernel*≥6.19  –  <6.19.6
linuxlinux_kernel2.6.12any
linuxlinux_kernel2.6.12any
linuxlinux_kernel2.6.12any
linuxlinux_kernel2.6.12any
linuxlinux_kernel2.6.12any
linuxlinux_kernel2.6.12any

References 8

  • git.kernel.org https://git.kernel.org/stable/c/2108829a59f081e822fdab8c2cd7131deb8aa8a1
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/5d77c36cd4b698649f5c30c5f6c084f4f61d1880
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/9218dc26fd922b09858ecd3666ed57dfd8098da8
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/93c325746ae59709b4f9bad4e3e4761c8d566c70
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/a3d66089e50a6e0142f8884471f74292102ea9aa
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/b4330a0d0947fbdc9d445cbbeabd8cc910a8c9ca
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/f70fcbc2ac7c24f087a2c895c5753aa730b1e479
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/fe136426e30ca6debcf916fd6a141555ed9fde74
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/2108829a59f081e822fdab8c2cd7131deb8aa8a1
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/5d77c36cd4b698649f5c30c5f6c084f4f61d1880
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/9218dc26fd922b09858ecd3666ed57dfd8098da8
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/93c325746ae59709b4f9bad4e3e4761c8d566c70
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/a3d66089e50a6e0142f8884471f74292102ea9aa
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/b4330a0d0947fbdc9d445cbbeabd8cc910a8c9ca
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/f70fcbc2ac7c24f087a2c895c5753aa730b1e479
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/fe136426e30ca6debcf916fd6a141555ed9fde74
    Patch