Buffer Overflow in Linux Kernel's f2fs Allocator
CVE-2025-68315

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 16 December 2025

What is CVE-2025-68315?

A vulnerability in the Linux kernel's f2fs file system has been identified, where potential corruption in the free_nid_list can occur. This manifests when both the on-disk 'footer.ino' and 'footer.nid' overlap and are out of range. To mitigate this risk, a sanity check has been introduced in the f2fs_alloc_nid() function to detect such corruptions effectively. This enhancement aims to safeguard data integrity and improve resilience against potential exploitation.

Affected Version(s)

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 6b9525596a83cd5b7bbc2c7bd5f9ad9cf5ad60fa

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 8fc6056dcf79937c46c97fa4996cda65956437a9

References

https://git.kernel.org/stable/c/6b9525596a83cd5b7bbc2c7bd...

https://git.kernel.org/stable/c/adbcb34f03abb89e681a5907c...

https://git.kernel.org/stable/c/8fc6056dcf79937c46c97fa49...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 16, 2025
Vulnerability Reserved
Dec 16, 2025

JSON