-

CVE-2025-68769

In the Linux kernel, the following vulnerability has been resolved:

f2fs: fix return value of f2fs_recover_fsync_data()

With below scripts, it will trigger panic in f2fs:

mkfs.f2fs -f /dev/vdd
mount /dev/vdd /mnt/f2fs
touch /mnt/f2fs/foo
sync
echo 111 >> /mnt/f2fs/foo
f2fs_io fsync /mnt/f2fs/foo
f2fs_io shutdown 2 /mnt/f2fs
umount /mnt/f2fs
mount -o ro,norecovery /dev/vdd /mnt/f2fs
or
mount -o ro,disable_roll_forward /dev/vdd /mnt/f2fs

F2FS-fs (vdd): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
F2FS-fs (vdd): Mounted with checkpoint version = 7f5c361f
F2FS-fs (vdd): Stopped filesystem due to reason: 0
F2FS-fs (vdd): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
Filesystem f2fs get_tree() didn't set fc->root, returned 1
------------[ cut here ]------------
kernel BUG at fs/super.c:1761!
Oops: invalid opcode: 0000 [#1] SMP PTI
CPU: 3 UID: 0 PID: 722 Comm: mount Not tainted 6.18.0-rc2+ #721 PREEMPT(voluntary)
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
RIP: 0010:vfs_get_tree.cold+0x18/0x1a
Call Trace:
 <TASK>
 fc_mount+0x13/0xa0
 path_mount+0x34e/0xc50
 __x64_sys_mount+0x121/0x150
 do_syscall_64+0x84/0x800
 entry_SYSCALL_64_after_hwframe+0x76/0x7e
RIP: 0033:0x7fa6cc126cfe

The root cause is we missed to handle error number returned from
f2fs_recover_fsync_data() when mounting image w/ ro,norecovery or
ro,disable_roll_forward mount option, result in returning a positive
error number to vfs_get_tree(), fix it.
Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerLinux
Produkt Linux
Default Statusunaffected
Version < e6ac31abd30e9fd2ef5f0819ce7f3f932be3b725
Version 6781eabba1bdb133eb9125c4acf6704ccbe4df02
Status affected
Version < 0de4977a1eeafe9d77701e3c031a1bcdba389243
Version 6781eabba1bdb133eb9125c4acf6704ccbe4df02
Status affected
Version < 9bc246018aaa3b46a7710428d0a2196c229f9d49
Version 6781eabba1bdb133eb9125c4acf6704ccbe4df02
Status affected
Version < a4c67d96f92eefcfa5596a08f069e77b743c5865
Version 6781eabba1bdb133eb9125c4acf6704ccbe4df02
Status affected
Version < 473550e715654ad7612aa490d583cb7c25fe2ff3
Version 6781eabba1bdb133eb9125c4acf6704ccbe4df02
Status affected
Version < 4560db9678a2c5952b6205fbca468c6805c2ba2a
Version 6781eabba1bdb133eb9125c4acf6704ccbe4df02
Status affected
Version < 01fba45deaddcce0d0b01c411435d1acf6feab7b
Version 6781eabba1bdb133eb9125c4acf6704ccbe4df02
Status affected
Version 1499d39b74f5957e932639a86487ccea5a0a9740
Status affected
HerstellerLinux
Produkt Linux
Default Statusaffected
Version 4.7
Status affected
Version < 4.7
Version 0
Status unaffected
Version <= 5.10.*
Version 5.10.248
Status unaffected
Version <= 5.15.*
Version 5.15.198
Status unaffected
Version <= 6.1.*
Version 6.1.160
Status unaffected
Version <= 6.6.*
Version 6.6.120
Status unaffected
Version <= 6.12.*
Version 6.12.64
Status unaffected
Version <= 6.18.*
Version 6.18.3
Status unaffected
Version <= *
Version 6.19-rc1
Status unaffected
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.03% 0.088
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
Es wurden noch keine Informationen zu CWE veröffentlicht.