Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2025-68769— f2fs: fix return value of f2fs_recover_fsync_data()

EPSS 0.07% · P21

Affected Version Matrix 17

VendorProductVersion RangeStatus
LinuxLinux6781eabba1bdb133eb9125c4acf6704ccbe4df02< e6ac31abd30e9fd2ef5f0819ce7f3f932be3b725affected
6781eabba1bdb133eb9125c4acf6704ccbe4df02< 0de4977a1eeafe9d77701e3c031a1bcdba389243affected
6781eabba1bdb133eb9125c4acf6704ccbe4df02< 9bc246018aaa3b46a7710428d0a2196c229f9d49affected
6781eabba1bdb133eb9125c4acf6704ccbe4df02< a4c67d96f92eefcfa5596a08f069e77b743c5865affected
6781eabba1bdb133eb9125c4acf6704ccbe4df02< 473550e715654ad7612aa490d583cb7c25fe2ff3affected
6781eabba1bdb133eb9125c4acf6704ccbe4df02< 4560db9678a2c5952b6205fbca468c6805c2ba2aaffected
6781eabba1bdb133eb9125c4acf6704ccbe4df02< 01fba45deaddcce0d0b01c411435d1acf6feab7baffected
1499d39b74f5957e932639a86487ccea5a0a9740affected
… +9 more rows
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2025-68769

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
f2fs: fix return value of f2fs_recover_fsync_data()
Source: NVD (National Vulnerability Database)
Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix return value of f2fs_recover_fsync_data() With below scripts, it will trigger panic in f2fs: mkfs.f2fs -f /dev/vdd mount /dev/vdd /mnt/f2fs touch /mnt/f2fs/foo sync echo 111 >> /mnt/f2fs/foo f2fs_io fsync /mnt/f2fs/foo f2fs_io shutdown 2 /mnt/f2fs umount /mnt/f2fs mount -o ro,norecovery /dev/vdd /mnt/f2fs or mount -o ro,disable_roll_forward /dev/vdd /mnt/f2fs F2FS-fs (vdd): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 F2FS-fs (vdd): Mounted with checkpoint version = 7f5c361f F2FS-fs (vdd): Stopped filesystem due to reason: 0 F2FS-fs (vdd): f2fs_recover_fsync_data: recovery fsync data, check_only: 1 Filesystem f2fs get_tree() didn't set fc->root, returned 1 ------------[ cut here ]------------ kernel BUG at fs/super.c:1761! Oops: invalid opcode: 0000 [#1] SMP PTI CPU: 3 UID: 0 PID: 722 Comm: mount Not tainted 6.18.0-rc2+ #721 PREEMPT(voluntary) Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 RIP: 0010:vfs_get_tree.cold+0x18/0x1a Call Trace: <TASK> fc_mount+0x13/0xa0 path_mount+0x34e/0xc50 __x64_sys_mount+0x121/0x150 do_syscall_64+0x84/0x800 entry_SYSCALL_64_after_hwframe+0x76/0x7e RIP: 0033:0x7fa6cc126cfe The root cause is we missed to handle error number returned from f2fs_recover_fsync_data() when mounting image w/ ro,norecovery or ro,disable_roll_forward mount option, result in returning a positive error number to vfs_get_tree(), fix it.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Linux kernel 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel存在安全漏洞,该漏洞源于f2fs_recover_fsync_data()返回值错误,可能导致内核崩溃。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
LinuxLinux 6781eabba1bdb133eb9125c4acf6704ccbe4df02 ~ e6ac31abd30e9fd2ef5f0819ce7f3f932be3b725 -
LinuxLinux 4.7 -

II. Public POCs for CVE-2025-68769

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2025-68769

登录查看更多情报信息。

Same Patch Batch · Linux · 2026-01-13 · 93 CVEs total

CVE-2025-710897.8 HIGHiommu: disable SVA when CONFIG_X86 is set
CVE-2025-71069f2fs: invalidate dentry cache on failed whiteout creation
CVE-2025-71068svcrdma: bound check rq_pages index in inline path
CVE-2025-71065f2fs: fix to avoid potential deadlock
CVE-2025-68821fuse: fix readahead reclaim deadlock
CVE-2025-68820ext4: xattr: fix null pointer deref in ext4_raw_inode()
CVE-2025-68819media: dvb-usb: dtv5100: fix out-of-bounds in dtv5100_i2c_msg()
CVE-2025-68818scsi: Revert "scsi: qla2xxx: Perform lockless command completion in abort path"
CVE-2025-68817ksmbd: fix use-after-free in ksmbd_tree_connect_put under concurrency
CVE-2025-68823ublk: fix deadlock when reading partition table
CVE-2025-71067ntfs: set dummy blocksize to read boot_block when mounting
CVE-2025-71071iommu/mediatek: fix use-after-free on probe deferral
CVE-2025-71070ublk: clean up user copy references on ublk server exit
CVE-2025-71072shmem: fix recovery on rename failures
CVE-2025-71073Input: lkkbd - disable pending work before freeing device
CVE-2025-71074functionfs: fix the open/removal races
CVE-2025-71075scsi: aic94xx: fix use-after-free in device removal path
CVE-2025-71077tpm: Cap the number of PCR banks
CVE-2025-71076drm/xe/oa: Limit num_syncs to prevent oversized allocations
CVE-2025-71078powerpc/64s/slb: Fix SLB multihit issue during SLB preload

Showing top 20 of 93 CVEs. View all on vendor page &rarr; →

IV. Related Vulnerabilities

Same product: Linux
Same vendor: Linux

V. Comments for CVE-2025-68769

No comments yet

Leave a comment