CVE-2025-71107

EPSS 0.02%
Veröffentlicht 14.01.2026 15:15:59
Zuletzt bearbeitet 14.01.2026 16:25:12
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

In the Linux kernel, the following vulnerability has been resolved:

f2fs: ensure node page reads complete before f2fs_put_super() finishes

Xfstests generic/335, generic/336 sometimes crash with the following message:

F2FS-fs (dm-0): detect filesystem reference count leak during umount, type: 9, count: 1
------------[ cut here ]------------
kernel BUG at fs/f2fs/super.c:1939!
Oops: invalid opcode: 0000 [#1] SMP NOPTI
CPU: 1 UID: 0 PID: 609351 Comm: umount Tainted: G        W           6.17.0-rc5-xfstests-g9dd1835ecda5 #1 PREEMPT(none)
Tainted: [W]=WARN
Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
RIP: 0010:f2fs_put_super+0x3b3/0x3c0
Call Trace:
 <TASK>
 generic_shutdown_super+0x7e/0x190
 kill_block_super+0x1a/0x40
 kill_f2fs_super+0x9d/0x190
 deactivate_locked_super+0x30/0xb0
 cleanup_mnt+0xba/0x150
 task_work_run+0x5c/0xa0
 exit_to_user_mode_loop+0xb7/0xc0
 do_syscall_64+0x1ae/0x1c0
 entry_SYSCALL_64_after_hwframe+0x76/0x7e
 </TASK>
---[ end trace 0000000000000000 ]---

It appears that sometimes it is possible that f2fs_put_super() is called before
all node page reads are completed.
Adding a call to f2fs_wait_on_all_pages() for F2FS_RD_NODE fixes the problem.

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 7

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < c3031cf2b61f1508662fc95ef9ad505cb0882a5f

Version 20872584b8c0b006c007da9588a272c9e28d2e18

Status affected

Version < 3b15d5f12935e9e25f9a571e680716bc9ee61025

Version 20872584b8c0b006c007da9588a272c9e28d2e18

Status affected

Version < 0b36fae23621a09e772c8adf918b9011158f8511

Version 20872584b8c0b006c007da9588a272c9e28d2e18

Status affected

Version < 297baa4aa263ff8f5b3d246ee16a660d76aa82c4

Version 20872584b8c0b006c007da9588a272c9e28d2e18

Status affected

Version 0e2577074b459bba7f4016f4d725ede37d48bb22

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 6.5

Status affected

Version < 6.5

Version 0

Status unaffected

Version <= 6.6.*

Version 6.6.120

Status unaffected

Version <= 6.12.*

Version 6.12.64

Status unaffected

Version <= 6.18.*

Version 6.18.3

Status unaffected

Version <= *

Version 6.19-rc1

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.02%	0.055

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

Es wurden noch keine Informationen zu CWE veröffentlicht.

https://git.kernel.org/stable/c/0b36fae23621a09e772c8adf918b9011158f8511

https://git.kernel.org/stable/c/297baa4aa263ff8f5b3d246ee16a660d76aa82c4

https://git.kernel.org/stable/c/3b15d5f12935e9e25f9a571e680716bc9ee61025

https://git.kernel.org/stable/c/c3031cf2b61f1508662fc95ef9ad505cb0882a5f

https://nvd.nist.gov/vuln/detail/CVE-2025-71107

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-71107

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-71107

EUVD