Buffer State Inconsistency in Linux Kernel nilfs2 Filesystem
CVE-2025-21722

7.8HIGH

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 27 February 2025

What is CVE-2025-21722?

The nilfs2 filesystem in the Linux kernel has a vulnerability that can cause inconsistencies in buffer head states during filesystem corruption scenarios. Specifically, if nilfs2 detects corruption and falls back to read-only mode, it may improperly handle dirty buffer states. This leads to potential use-after-free conditions due to the forcible clearing of various buffer states at unexpected times. These inconsistencies can affect both data and metadata operations, making it essential to implement proper checks before state modifications to ensure buffer integrity.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux 8c26c4e2694a163d525976e804d81cd955bbb40c < 7d0544bacc11d6aa26ecd7debf9353193c7a3328

Linux 8c26c4e2694a163d525976e804d81cd955bbb40c < 4d042811c72f71be7c14726db2c72b67025a7cb5

Linux 8c26c4e2694a163d525976e804d81cd955bbb40c

References

https://git.kernel.org/stable/c/7d0544bacc11d6aa26ecd7deb...

https://git.kernel.org/stable/c/4d042811c72f71be7c14726db...

https://git.kernel.org/stable/c/f51ff43c4c5a6c8e72d0aca89...

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 27, 2025
Vulnerability Reserved
Dec 29, 2024

JSON

Linux

What is CVE-2025-21722?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.