Recursive Semaphore Deadlock in OCFS2 of Linux Kernel
CVE-2025-39885

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 23 September 2025

What is CVE-2025-39885?

The vulnerability in the Linux kernel's OCFS2 filesystem involves a recursive semaphore deadlock triggered during the execution of the FS_IOC_FIEMAP command on a specially crafted mmap file. When an OCFS2 operation attempts to acquire a write lock while holding a read lock on the same semaphore, it leads to a system hang, impacting file system performance and stability. The issue has been identified and resolved by releasing the read semaphore before engaging in further processing, which mitigates the unnecessary locking mechanism. Addressing this vulnerability is crucial for maintaining overall system integrity and preventing potential disruptions.

Affected Version(s)

Linux 00dc417fa3e763345b34ccb6034d72de76eea0a1 < 36054554772f95d090eb45793faf6aa3c0254b02

Linux 00dc417fa3e763345b34ccb6034d72de76eea0a1 < 0709bc11b942870fc0a7be150e42aea42321093a

Linux 00dc417fa3e763345b34ccb6034d72de76eea0a1 < 1d3c96547ee2ddeaddf8f19a3ef99ea06cc8115e

References

https://git.kernel.org/stable/c/36054554772f95d090eb45793...

https://git.kernel.org/stable/c/0709bc11b942870fc0a7be150...

https://git.kernel.org/stable/c/1d3c96547ee2ddeaddf8f19a3...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 23, 2025
Vulnerability Reserved
Apr 16, 2025

JSON