CVE-2025-37742— jfs: Fix uninit-value access of imap allocated in the diMount() function

AI Predicted 5.5 Difficulty: Hard EPSS 0.05% · P17 Updated May 13, 2026

Affected Version Matrix 16

Vendor	Product	Version Range	Status
Linux	Linux	`1da177e4c3f41524e886b7f1b8a0c1fc7321cac2< 4f10732712fce33e53703ffe5ed9155f23814097`	affected
		`1da177e4c3f41524e886b7f1b8a0c1fc7321cac2< cab1852368dd74d629ee02abdbc559218ca64dde`	affected
		`1da177e4c3f41524e886b7f1b8a0c1fc7321cac2< 067347e00a3a7d04afed93f080c6c131e5dd15ee`	affected
		`1da177e4c3f41524e886b7f1b8a0c1fc7321cac2< 63148ce4904faa668daffdd1d3c1199ae315ef2c`	affected
		`1da177e4c3f41524e886b7f1b8a0c1fc7321cac2< 7057f3aab47629d38e54eae83505813cf0da1e4b`	affected
		`1da177e4c3f41524e886b7f1b8a0c1fc7321cac2< d0d7eca253ccd0619b3d2b683ffe32218ebca9ac`	affected
		`1da177e4c3f41524e886b7f1b8a0c1fc7321cac2< 9629d7d66c621671d9a47afe27ca9336bfc8a9ea`	affected
		`2.6.12`	affected
… +8 more rows

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2025-37742

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

jfs: Fix uninit-value access of imap allocated in the diMount() function

Source: NVD (National Vulnerability Database)

Vulnerability Description

In the Linux kernel, the following vulnerability has been resolved: jfs: Fix uninit-value access of imap allocated in the diMount() function syzbot reports that hex_dump_to_buffer is using uninit-value: ===================================================== BUG: KMSAN: uninit-value in hex_dump_to_buffer+0x888/0x1100 lib/hexdump.c:171 hex_dump_to_buffer+0x888/0x1100 lib/hexdump.c:171 print_hex_dump+0x13d/0x3e0 lib/hexdump.c:276 diFree+0x5ba/0x4350 fs/jfs/jfs_imap.c:876 jfs_evict_inode+0x510/0x550 fs/jfs/inode.c:156 evict+0x723/0xd10 fs/inode.c:796 iput_final fs/inode.c:1946 [inline] iput+0x97b/0xdb0 fs/inode.c:1972 txUpdateMap+0xf3e/0x1150 fs/jfs/jfs_txnmgr.c:2367 txLazyCommit fs/jfs/jfs_txnmgr.c:2664 [inline] jfs_lazycommit+0x627/0x11d0 fs/jfs/jfs_txnmgr.c:2733 kthread+0x6b9/0xef0 kernel/kthread.c:464 ret_from_fork+0x6d/0x90 arch/x86/kernel/process.c:148 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244 Uninit was created at: slab_post_alloc_hook mm/slub.c:4121 [inline] slab_alloc_node mm/slub.c:4164 [inline] __kmalloc_cache_noprof+0x8e3/0xdf0 mm/slub.c:4320 kmalloc_noprof include/linux/slab.h:901 [inline] diMount+0x61/0x7f0 fs/jfs/jfs_imap.c:105 jfs_mount+0xa8e/0x11d0 fs/jfs/jfs_mount.c:176 jfs_fill_super+0xa47/0x17c0 fs/jfs/super.c:523 get_tree_bdev_flags+0x6ec/0x910 fs/super.c:1636 get_tree_bdev+0x37/0x50 fs/super.c:1659 jfs_get_tree+0x34/0x40 fs/jfs/super.c:635 vfs_get_tree+0xb1/0x5a0 fs/super.c:1814 do_new_mount+0x71f/0x15e0 fs/namespace.c:3560 path_mount+0x742/0x1f10 fs/namespace.c:3887 do_mount fs/namespace.c:3900 [inline] __do_sys_mount fs/namespace.c:4111 [inline] __se_sys_mount+0x71f/0x800 fs/namespace.c:4088 __x64_sys_mount+0xe4/0x150 fs/namespace.c:4088 x64_sys_call+0x39bf/0x3c30 arch/x86/include/generated/asm/syscalls_64.h:166 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f ===================================================== The reason is that imap is not properly initialized after memory allocation. It will cause the snprintf() function to write uninitialized data into linebuf within hex_dump_to_buffer(). Fix this by using kzalloc instead of kmalloc to clear its content at the beginning in diMount().

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Linux kernel 安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel存在安全漏洞，该漏洞源于未初始化值访问，可能导致内存泄露。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
Linux	Linux	1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 ~ 4f10732712fce33e53703ffe5ed9155f23814097	-
Linux	Linux	2.6.12	-

II. Public POCs for CVE-2025-37742

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2025-37742

请登录查看更多情报信息。

Patches & Fixes for CVE-2025-37742 (7)

https://nvd.nist.gov/vuln/detail/CVE-2025-37742

Same Patch Batch · Linux · 2025-05-01 · 245 CVEs total

CVE-2022-49854		mctp: Fix an error handling path in mctp_init()
CVE-2022-49837		bpf: Fix memory leaks in __check_func_call
CVE-2022-49838		sctp: clear out_curr if all frag chunks of current msg are pruned
CVE-2022-49840		bpf, test_run: Fix alignment problem in bpf_prog_test_run_skb()
CVE-2022-49839		scsi: scsi_transport_sas: Fix error handling in sas_phy_add()
CVE-2022-49841		serial: imx: Add missing .thaw_noirq hook
CVE-2022-49842		ASoC: core: Fix use-after-free in snd_soc_exit()
CVE-2022-49844		can: dev: fix skb drop check
CVE-2022-49845		can: j1939: j1939_send_one(): fix missing CAN header initialization
CVE-2022-49846		udf: Fix a slab-out-of-bounds write bug in udf_find_entry()
CVE-2022-49847		net: ethernet: ti: am65-cpsw: Fix segmentation fault at module unload
CVE-2022-49849		btrfs: fix match incorrectly in dev_args_match_device
CVE-2022-49848		phy: qcom-qmp-combo: fix NULL-deref on runtime resume
CVE-2022-49850		nilfs2: fix deadlock in nilfs_count_free_blocks()
CVE-2022-49851		riscv: fix reserved memory setup
CVE-2022-49852		riscv: process: fix kernel info leakage
CVE-2022-49862		tipc: fix the msg->req tlv len check in tipc_nl_compat_name_table_dump_header
CVE-2022-49864		drm/amdkfd: Fix NULL pointer dereference in svm_migrate_to_ram()
CVE-2022-49865		ipv6: addrlabel: fix infoleak when sending struct ifaddrlblmsg to network
CVE-2022-49863		can: af_can: fix NULL pointer dereference in can_rx_register()

Showing top 20 of 245 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: Linux

Same vendor: Linux

V. Comments for CVE-2025-37742

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2025-37742— jfs: Fix uninit-value access of imap allocated in the diMount() function

Affected Version Matrix 16

I. Basic Information for CVE-2025-37742

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2025-37742

III. Intelligence Information for CVE-2025-37742

Patches & Fixes for CVE-2025-37742 (7)

Same Patch Batch · Linux · 2025-05-01 · 245 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2025-37742

Leave a comment