CVE-2025-38626— f2fs: fix to trigger foreground gc during f2fs_map_blocks() in lfs mode
Affected Version Matrix 14
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 36abef4e796d382e81a0c2d21ea5327481dd7154< d2f280f43a2a9d918fd23169ff3a6f3b65c7cec5 | affected |
36abef4e796d382e81a0c2d21ea5327481dd7154< f289690f50a01c3e085d87853392d5b7436a4cee | affected | ||
36abef4e796d382e81a0c2d21ea5327481dd7154< 82765ce5c7a56f9309ee45328e763610eaf11253 | affected | ||
36abef4e796d382e81a0c2d21ea5327481dd7154< 264ede8a52f18647ed5bb5f2bd9bf54f556ad8f5 | affected | ||
36abef4e796d382e81a0c2d21ea5327481dd7154< 385e64a0744584397b4b52b27c96703516f39968 | affected | ||
36abef4e796d382e81a0c2d21ea5327481dd7154< 1005a3ca28e90c7a64fa43023f866b960a60f791 | affected | ||
4.8 | affected | ||
< 4.8 | unaffected | ||
| … +6 more rows | |||
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2025-38626
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
f2fs: fix to trigger foreground gc during f2fs_map_blocks() in lfs mode
Source: NVD (National Vulnerability Database)
Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to trigger foreground gc during f2fs_map_blocks() in lfs mode w/ "mode=lfs" mount option, generic/299 will cause system panic as below: ------------[ cut here ]------------ kernel BUG at fs/f2fs/segment.c:2835! Call Trace: <TASK> f2fs_allocate_data_block+0x6f4/0xc50 f2fs_map_blocks+0x970/0x1550 f2fs_iomap_begin+0xb2/0x1e0 iomap_iter+0x1d6/0x430 __iomap_dio_rw+0x208/0x9a0 f2fs_file_write_iter+0x6b3/0xfa0 aio_write+0x15d/0x2e0 io_submit_one+0x55e/0xab0 __x64_sys_io_submit+0xa5/0x230 do_syscall_64+0x84/0x2f0 entry_SYSCALL_64_after_hwframe+0x76/0x7e RIP: 0010:new_curseg+0x70f/0x720 The root cause of we run out-of-space is: in f2fs_map_blocks(), f2fs may trigger foreground gc only if it allocates any physical block, it will be a little bit later when there is multiple threads writing data w/ aio/dio/bufio method in parallel, since we always use OPU in lfs mode, so f2fs_map_blocks() does block allocations aggressively. In order to fix this issue, let's give a chance to trigger foreground gc in prior to block allocation in f2fs_map_blocks().
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Linux kernel 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel存在安全漏洞,该漏洞源于f2fs_map_blocks在lfs模式下未触发前台GC,可能导致空间耗尽。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
II. Public POCs for CVE-2025-38626
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2025-38626
请登录查看更多情报信息。
Patches & Fixes for CVE-2025-38626 (1)
Same Patch Batch · Linux · 2025-08-22 · 60 CVEs total
| CVE-2025-38635 | clk: davinci: Add NULL check in davinci_lpsc_clk_register() | |
| CVE-2025-38616 | tls: handle data disappearing from under the TLS ULP | |
| CVE-2025-38620 | zloop: fix KASAN use-after-free of tag set | |
| CVE-2025-38619 | media: ti: j721e-csi2rx: fix list_del corruption | |
| CVE-2025-38621 | md: make rdev_addable usable for rcu mode | |
| CVE-2025-38618 | vsock: Do not allow binding to VMADDR_PORT_ANY | |
| CVE-2025-38632 | pinmux: fix race causing mux_owner NULL with active mux_usecount | |
| CVE-2025-38631 | clk: imx95-blk-ctl: Fix synchronous abort | |
| CVE-2025-38633 | clk: spacemit: mark K1 pll1_d8 as critical | |
| CVE-2025-38634 | power: supply: cpcap-charger: Fix null check for power_supply_get_by_name | |
| CVE-2025-38630 | fbdev: imxfb: Check fb_add_videomode to prevent null-ptr-deref | |
| CVE-2025-38636 | rv: Use strings in da monitors tracepoints | |
| CVE-2025-38638 | ipv6: add a retry logic in net6_rt_notify() | |
| CVE-2025-38639 | netfilter: xt_nfacct: don't assume acct name is null-terminated | |
| CVE-2025-38640 | bpf: Disable migration in nf_hook_run_bpf(). | |
| CVE-2025-38641 | Bluetooth: btusb: Fix potential NULL dereference on kmalloc failure | |
| CVE-2025-38642 | wifi: mac80211: fix WARN_ON for monitor mode on some devices | |
| CVE-2025-38643 | wifi: cfg80211: Add missing lock in cfg80211_check_and_end_cac() | |
| CVE-2025-38644 | wifi: mac80211: reject TDLS operations when station is not associated | |
| CVE-2025-38645 | net/mlx5: Check device memory pointer before usage |
Showing top 20 of 60 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
V. Comments for CVE-2025-38626
No comments yet