Linux Kernel f2fs Vulnerability Affecting Multiple Distributions
CVE-2025-38163

Currently unrated

Key Information:

Vendor: Linux

Status
Vendor
CVE Published: 3 July 2025

What is CVE-2025-38163?

A vulnerability was reported in the Linux kernel's f2fs file system, concerning an inconsistent total valid block count. With a fuzzed image, the total valid block count can disagree with the mapped blocks indexed by inode, and this discrepancy can lead to a kernel panic when a runtime check fails. The resolution avoids triggering a panic in such scenarios: it adds a sanity check, logs the issue instead, and sets the fsck flag for further diagnostics. The fix is intended to improve stability and reliability in file system operations.
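The change described above, as an added example that is not taken from the kernel source or from this page: a userspace C model of a block-count decrement, first with the fatal runtime check, then with the sanity check that logs, sets an fsck flag and continues. The struct, enum and function names, the decrement scenario and clamping the counter to 0 are assumptions of the model.

```c
#include <stdint.h>
#include <stdio.h>

/* Userspace model; all names here are hypothetical, not kernel identifiers. */
struct fs_model {
    uint32_t total_valid_blocks; /* filesystem-wide counter taken from the image */
    int need_fsck;               /* set when an inconsistency is detected */
};

enum dec_result { DEC_OK, DEC_INCONSISTENT, DEC_PANIC };

/* "Before": a counter smaller than the number of blocks being released is
 * treated as a fatal bug. Modelled as a return value so the program keeps
 * running; the counter is left untouched. */
enum dec_result dec_blocks_before(struct fs_model *fs, uint32_t count)
{
    if (fs->total_valid_blocks < count)
        return DEC_PANIC;        /* the kernel would stop here */
    fs->total_valid_blocks -= count;
    return DEC_OK;
}

/* "After": sanity-check, log, flag the filesystem for fsck, and keep the
 * unsigned counter from wrapping (clamping to 0 is an assumption). */
enum dec_result dec_blocks_after(struct fs_model *fs, uint32_t count)
{
    if (fs->total_valid_blocks < count) {
        fprintf(stderr, "inconsistent total valid block count: %u < %u\n",
                (unsigned)fs->total_valid_blocks, (unsigned)count);
        fs->need_fsck = 1;
        fs->total_valid_blocks = 0;
        return DEC_INCONSISTENT;
    }
    fs->total_valid_blocks -= count;
    return DEC_OK;
}

int main(void)
{
    /* Constructed input: the image claims 2 valid blocks, an inode maps 5. */
    struct fs_model a = { 2, 0 }, b = { 2, 0 };
    enum dec_result before = dec_blocks_before(&a, 5);
    enum dec_result after = dec_blocks_after(&b, 5);
    printf("before: result=%d\n", before);
    printf("after:  result=%d need_fsck=%d total=%u\n",
           after, b.need_fsck, (unsigned)b.total_valid_blocks);
    return 0;
}
```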

Affected Version(s)

Linux 39a53e0ce0df01b3cf4bb898c7ae2fd2189647d5 < 49bc7bf38e42cfa642787e947f5721696ea73ac3

Linux 39a53e0ce0df01b3cf4bb898c7ae2fd2189647d5

Linux 39a53e0ce0df01b3cf4bb898c7ae2fd2189647d5 < 6a324d77f7ea1a91d55c4b6ad970e3ac9ab6a20d

Timeline

  • Vulnerability published

  • Vulnerability Reserved
