Linux Kernel Vulnerability in iomap Affecting XFS Filesystem
CVE-2025-21667

5.5 MEDIUM

Key Information:

Vendor: Linux
Status: Vendor
CVE Published: 31 January 2025

Summary

A vulnerability in the Linux kernel's handling of file operations, specifically within the iomap subsystem, affects 32-bit architectures. The function iomap_write_delalloc_scan() used a 32-bit position derived from folio_next_index(), which could lead to an infinite loop during write operations on XFS filesystems. The flaw shows why a file position must be kept in a type wide enough to hold it for the whole calculation.
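The truncation described above can be reproduced in a user-space model. This is an added example, not kernel code and not the upstream patch: `next_index()`, `advance_truncated()`, `advance_wide()` and `scan()` are hypothetical names, `uint32_t` stands in for a 32-bit `unsigned long`, and 4 KiB single-page folios are assumed. Widening before the shift is shown as one way to keep the position 64-bit; the page does not describe the actual fix.

```c
#include <stdint.h>
#include <stdio.h>

#define PAGE_SHIFT 12   /* assumption: 4 KiB pages */
#define MAX_STEPS  64   /* guard so this model cannot hang itself */

typedef uint32_t ulong32;   /* stands in for unsigned long on a 32-bit kernel */

/* Model of folio_next_index(): index of the page after the one holding pos
 * (assumption: single-page folios). */
static ulong32 next_index(uint64_t pos)
{
    return (ulong32)(pos >> PAGE_SHIFT) + 1;
}

/* Truncating form: the shift happens in 32 bits, so bit 32 and above are lost. */
static uint64_t advance_truncated(uint64_t pos)
{
    return (ulong32)(next_index(pos) << PAGE_SHIFT);
}

/* 64-bit form: widen the index first, then shift. */
static uint64_t advance_wide(uint64_t pos)
{
    return (uint64_t)next_index(pos) << PAGE_SHIFT;
}

/* Walk [start, end) one folio at a time. Returns the number of steps, or -1
 * when the position fails to move forward (the real loop would not exit). */
static int scan(uint64_t start, uint64_t end, uint64_t (*advance)(uint64_t))
{
    int steps = 0;
    while (start < end) {
        uint64_t next = advance(start);
        if (next <= start || ++steps > MAX_STEPS)
            return -1;
        start = next;
    }
    return steps;
}

int main(void)
{
    /* Constructed range straddling the 4 GiB boundary. */
    uint64_t start = 0xFFFFE000ULL, end = 0x100002000ULL;
    printf("truncated: %d\n", scan(start, end, advance_truncated));
    printf("wide:      %d\n", scan(start, end, advance_wide));
    return 0;
}
```

Below 4 GiB both forms behave identically, which is why the defect only shows up on 32-bit builds once a write range crosses that offset.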

Affected Version(s)

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 7ca4bd6b754913910151acce00be093f03642725

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 91371922704c8d82049ef7c2ad974d0a2cd1174d

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 402ce16421477e27f30b57d6d1a6dc248fa3a4e4

References

CVSS V3.1

Score: 5.5
Severity: MEDIUM
Confidentiality: None
Integrity: None
Availability: None
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved
