Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2025-21721— nilfs2: handle errors that nilfs_prepare_chunk() may return

EPSS 0.02% · P5

Affected Version Matrix 18

VendorProductVersion RangeStatus
LinuxLinux2ba466d74ed74f073257f86e61519cb8f8f46184< b38c6c260c2415c7f0968871305e7a093daabb4caffected
2ba466d74ed74f073257f86e61519cb8f8f46184< f70bd2d8ca454e0ed78970f72147ca321dbaa015affected
2ba466d74ed74f073257f86e61519cb8f8f46184< 607dc724b162f4452dc768865e578c1a509a1c8caffected
2ba466d74ed74f073257f86e61519cb8f8f46184< 1ee2d454baa361d2964e3e2f2cca9ee3f769d93caffected
2ba466d74ed74f073257f86e61519cb8f8f46184< 7891ac3b0a5c56f7148af507306308ab841cdc31affected
2ba466d74ed74f073257f86e61519cb8f8f46184< eddd3176b8c4c83a46ab974574cda7c3dfe09388affected
2ba466d74ed74f073257f86e61519cb8f8f46184< 481136234dfe96c7f92770829bec6111c7c5f5ddaffected
2ba466d74ed74f073257f86e61519cb8f8f46184< ee70999a988b8abc3490609142f50ebaa8344432affected
… +10 more rows
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2025-21721

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
nilfs2: handle errors that nilfs_prepare_chunk() may return
Source: NVD (National Vulnerability Database)
Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: nilfs2: handle errors that nilfs_prepare_chunk() may return Patch series "nilfs2: fix issues with rename operations". This series fixes BUG_ON check failures reported by syzbot around rename operations, and a minor behavioral issue where the mtime of a child directory changes when it is renamed instead of moved. This patch (of 2): The directory manipulation routines nilfs_set_link() and nilfs_delete_entry() rewrite the directory entry in the folio/page previously read by nilfs_find_entry(), so error handling is omitted on the assumption that nilfs_prepare_chunk(), which prepares the buffer for rewriting, will always succeed for these. And if an error is returned, it triggers the legacy BUG_ON() checks in each routine. This assumption is wrong, as proven by syzbot: the buffer layer called by nilfs_prepare_chunk() may call nilfs_get_block() if necessary, which may fail due to metadata corruption or other reasons. This has been there all along, but improved sanity checks and error handling may have made it more reproducible in fuzzing tests. Fix this issue by adding missing error paths in nilfs_set_link(), nilfs_delete_entry(), and their caller nilfs_rename().
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Linux kernel 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel存在安全漏洞,该漏洞源于nilfs2未处理nilfs_prepare_chunk可能返回的错误。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
LinuxLinux 2ba466d74ed74f073257f86e61519cb8f8f46184 ~ b38c6c260c2415c7f0968871305e7a093daabb4c -
LinuxLinux 2.6.30 -

II. Public POCs for CVE-2025-21721

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2025-21721

登录查看更多情报信息。

Same Patch Batch · Linux · 2025-02-27 · 177 CVEs total

CVE-2025-217567.8 HIGHvsock: Keep the binding until socket destruction
CVE-2025-21773can: etas_es58x: fix potential NULL pointer dereference on udev->serial
CVE-2025-21763neighbour: use RCU protection in __neigh_notify()
CVE-2025-21762arp: use RCU protection in arp_xmit()
CVE-2025-21764ndisc: use RCU protection in ndisc_alloc_skb()
CVE-2025-21765ipv6: use RCU protection in ip6_default_advmss()
CVE-2025-21766ipv4: use RCU protection in __ip_rt_update_pmtu()
CVE-2025-21767clocksource: Use migrate_disable() to avoid calling get_random_u32() in atomic context
CVE-2025-21769ptp: vmclock: Add .owner to vmclock_miscdev_fops
CVE-2025-21768net: ipv6: fix dst ref loops in rpl, seg6 and ioam6 lwtunnels
CVE-2025-21771sched_ext: Fix incorrect autogroup migration detection
CVE-2025-21770iommu: Fix potential memory leak in iopf_queue_remove_device()
CVE-2025-21777ring-buffer: Validate the persistent meta data subbuf array
CVE-2025-21783gpiolib: Fix crash on error in gpiochip_get_ngpios()
CVE-2025-21781batman-adv: fix panic during interface removal
CVE-2025-21780drm/amdgpu: avoid buffer overflow attach in smu_sys_set_pp_table()
CVE-2025-21779KVM: x86: Reject Hyper-V's SEND_IPI hypercalls if local APIC isn't in-kernel
CVE-2025-21778tracing: Do not allow mmap() of persistent ring buffer
CVE-2025-21774can: rockchip: rkcanfd_handle_rx_fifo_overflow_int(): bail out if skb cannot be allocated
CVE-2025-21772partitions: mac: fix handling of bogus partition table

Showing top 20 of 177 CVEs. View all on vendor page &rarr; →

IV. Related Vulnerabilities

Same product: Linux
Same vendor: Linux

V. Comments for CVE-2025-21721

No comments yet

Leave a comment