Linux Kernel Vulnerability in f2fs Filesystem
CVE-2025-38218

Currently unrated

Key Information:

Vendor: Linux

CVE Published: 4 July 2025

What is CVE-2025-38218?

A vulnerability in the f2fs filesystem in the Linux kernel can cause a kernel panic when mounting certain images. The panic occurs when resizing an image has left its metadata inconsistent, producing an out-of-bounds condition on the sit_bitmap. The underlying problem is that the size of the sit bitmap does not correspond to the number of segments. The kernel now includes a sanity check for this mismatch, so that such an image is caught during filesystem operations instead of destabilizing the system.
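The mismatch described above can be shown with a simplified user-space model. This is an added example, not the kernel's code or the upstream patch: the struct, the function names, the figure of 55 segment entries per SIT block and the bit order are all assumptions made for illustration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Simplified model, not kernel code. Names and constants are assumptions. */
#define ENTRIES_PER_SIT_BLOCK 55u /* assumed segment entries per SIT block */

struct sit_meta {
    uint32_t segment_count;    /* segments the image claims to have */
    uint32_t sit_bitmap_bytes; /* size of the stored sit bitmap */
    const uint8_t *sit_bitmap; /* one bit per SIT block */
};

/* SIT blocks needed to describe every segment, rounded up without overflow. */
static uint32_t sit_blocks_needed(uint32_t segs)
{
    return segs / ENTRIES_PER_SIT_BLOCK + (segs % ENTRIES_PER_SIT_BLOCK != 0);
}

/* Mount-time sanity check: the bitmap must hold a bit for every SIT block. */
static bool sit_bitmap_covers_segments(const struct sit_meta *m)
{
    if (m->sit_bitmap == NULL || m->segment_count == 0)
        return false;
    return (uint64_t)m->sit_bitmap_bytes * 8u >= sit_blocks_needed(m->segment_count);
}

/* Guarded lookup: returns -1 rather than reading past the bitmap. */
static int sit_bit_for_segment(const struct sit_meta *m, uint32_t segno)
{
    uint32_t blk = segno / ENTRIES_PER_SIT_BLOCK;
    if (segno >= m->segment_count || blk / 8u >= m->sit_bitmap_bytes)
        return -1;
    return (m->sit_bitmap[blk / 8u] >> (blk % 8u)) & 1u;
}

int main(void)
{
    static const uint8_t bitmap[1] = { 0x80 };     /* constructed sample */
    struct sit_meta before = { 440, 1, bitmap };   /* 8 SIT blocks, 8 bits */
    struct sit_meta resized = { 880, 1, bitmap };  /* 16 SIT blocks, 8 bits */

    printf("before resize consistent: %d\n", sit_bitmap_covers_segments(&before));
    printf("after resize consistent:  %d\n", sit_bitmap_covers_segments(&resized));
    printf("lookup of last segment:   %d\n", sit_bit_for_segment(&resized, 879));
    return 0;
}
```

Without the mount-time check, the lookup for segment 879 in the resized sample would index byte 1 of a 1-byte bitmap, which is the out-of-bounds condition the paragraph describes.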

Affected Version(s)

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 82f51bff393e4c12cf4de553120ca831cfa4ef19

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 38ef48a8afef8df646b6f6ae7abb872f18b533c1

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
