Vulnerability in Linux Kernel Affecting JFS File System
CVE-2025-40312

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 8 December 2025

What is CVE-2025-40312?

A vulnerability in the Linux kernel's JFS (Journaling File System) has been identified, which allows for improper handling of inode modes when loading from a potentially corrupted disk. This can result in the loading of invalid inode data, risking system stability and data integrity. Mitigation has been implemented by ensuring that inode modes are verified during the loading process, similar to the improvements made in the ISOFS subsystem.

Affected Version(s)

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 19cce65709a8a2966203653028d9004e28e85bd5

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 46c76cfa17d1828c1a889cb54cb11d5ef3dfbc0f

References

https://git.kernel.org/stable/c/19cce65709a8a296620365302...

https://git.kernel.org/stable/c/fabc1348bb8fe6bc80850014e...

https://git.kernel.org/stable/c/46c76cfa17d1828c1a889cb54...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 8, 2025
Vulnerability Reserved
Apr 16, 2025

JSON