Linux Kernel dm-crypt Vulnerability Related to Write Operations

CVE-2025-39791

What is CVE-2025-39791?

In the Linux kernel's dm-crypt module, a significant vulnerability affects how write operations are processed for zoned block devices. The design aims to enhance processing efficiency by splitting large BIOs (Block I/O operations) into smaller segments for parallel execution. However, this method inadvertently leads to deadlocks during write operations, especially when a queue freeze is initiated. The splitting mechanism, which is essential for managing filesystems like xfs or btrfs, can result in incorrect sector returns during zone append operations, ultimately causing data corruption. The solution entails modifying specific functions to prevent unintended BIO splits and ensure the accurate processing of write requests.

References