CVE-2025-23130
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2025-23130
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-23130.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2025-23130
- Downstream
- Published
- 2025-04-16T14:13:12Z
- Modified
- 2025-11-02T20:26:01.538014Z
- Summary
- f2fs: fix to avoid panic once fallocation fails for pinfile
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
f2fs: fix to avoid panic once fallocation fails for pinfile
syzbot reports a f2fs bug as below:
------------[ cut here ]------------ kernel BUG at fs/f2fs/segment.c:2746! CPU: 0 UID: 0 PID: 5323 Comm: syz.0.0 Not tainted 6.13.0-rc2-syzkaller-00018-g7cb1b4663150 #0 RIP: 0010:getnewsegment fs/f2fs/segment.c:2746 [inline] RIP: 0010:newcurseg+0x1f52/0x1f70 fs/f2fs/segment.c:2876 Call Trace: <TASK> _allocatenewsegment+0x1ce/0x940 fs/f2fs/segment.c:3210 f2fsallocatenewsection fs/f2fs/segment.c:3224 [inline] f2fsallocatepinningsection+0xfa/0x4e0 fs/f2fs/segment.c:3238 f2fsexpandinodedata+0x696/0xca0 fs/f2fs/file.c:1830 f2fsfallocate+0x537/0xa10 fs/f2fs/file.c:1940 vfsfallocate+0x569/0x6e0 fs/open.c:327 dovfsioctl+0x258c/0x2e40 fs/ioctl.c:885 _dosysioctl fs/ioctl.c:904 [inline] _sesysioctl+0x80/0x170 fs/ioctl.c:892 dosyscallx64 arch/x86/entry/common.c:52 [inline] dosyscall64+0xf3/0x230 arch/x86/entry/common.c:83 entrySYSCALL64after_hwframe+0x77/0x7f
Concurrent pinfile allocation may run out of free section, result in panic in getnewsegment(), let's expand pinsem lock coverage to include f2fsgc(), so that we can make sure to reclaim enough free space for following allocation.
In addition, do below changes to enhance error path handling: - call f2fsbugon() only in non-pinfile allocation path in getnewsegment(). - call resetcursegfields() to reset all fields of curseg in new_curseg()
- References
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducedf5a53edcf01eae21dc3ef1845515229e8459e5ccFixed2dda0930fb79b847b4bfceb737577d0f6bc24d7d
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducedf5a53edcf01eae21dc3ef1845515229e8459e5ccFixed9392862608d081a8346a3b841f862d732fce954b
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducedf5a53edcf01eae21dc3ef1845515229e8459e5ccFixed48ea8b200414ac69ea96f4c231f5c7ef1fbeffef
Affected versions
v5.*
v5.10
v5.10-rc1
v5.10-rc2
v5.10-rc3
v5.10-rc4
v5.10-rc5
v5.10-rc6
v5.10-rc7
v5.11
v5.11-rc1
v5.11-rc2
v5.11-rc3
v5.11-rc4
v5.11-rc5
v5.11-rc6
v5.11-rc7
v5.12
v5.12-rc1
v5.12-rc1-dontuse
v5.12-rc2
v5.12-rc3
v5.12-rc4
v5.12-rc5
v5.12-rc6
v5.12-rc7
v5.12-rc8
v5.13
v5.13-rc1
v5.13-rc2
v5.13-rc3
v5.13-rc4
v5.13-rc5
v5.13-rc6
v5.13-rc7
v5.14
v5.14-rc1
v5.14-rc2
v5.14-rc3
v5.14-rc4
v5.14-rc5
v5.14-rc6
v5.14-rc7
v5.15
v5.15-rc1
v5.15-rc2
v5.15-rc3
v5.15-rc4
v5.15-rc5
v5.15-rc6
v5.15-rc7
v5.16
v5.16-rc1
v5.16-rc2
v5.16-rc3
v5.16-rc4
v5.16-rc5
v5.16-rc6
v5.16-rc7
v5.16-rc8
v5.17
v5.17-rc1
v5.17-rc2
v5.17-rc3
v5.17-rc4
v5.17-rc5
v5.17-rc6
v5.17-rc7
v5.17-rc8
v5.18
v5.18-rc1
v5.18-rc2
v5.18-rc3
v5.18-rc4
v5.18-rc5
v5.18-rc6
v5.18-rc7
v5.19
v5.19-rc1
v5.19-rc2
v5.19-rc3
v5.19-rc4
v5.19-rc5
v5.19-rc6
v5.19-rc7
v5.19-rc8
v5.4
v5.4-rc2
v5.4-rc3
v5.4-rc4
v5.4-rc5
v5.4-rc6
v5.4-rc7
v5.4-rc8
v5.5
v5.5-rc1
v5.5-rc2
v5.5-rc3
v5.5-rc4
v5.5-rc5
v5.5-rc6
v5.5-rc7
v5.6
v5.6-rc1
v5.6-rc2
v5.6-rc3
v5.6-rc4
v5.6-rc5
v5.6-rc6
v5.6-rc7
v5.7
v5.7-rc1
v5.7-rc2
v5.7-rc3
v5.7-rc4
v5.7-rc5
v5.7-rc6
v5.7-rc7
v5.8
v5.8-rc1
v5.8-rc2
v5.8-rc3
v5.8-rc4
v5.8-rc5
v5.8-rc6
v5.8-rc7
v5.9
v5.9-rc1
v5.9-rc2
v5.9-rc3
v5.9-rc4
v5.9-rc5
v5.9-rc6
v5.9-rc7
v5.9-rc8
v6.*
v6.0
v6.0-rc1
v6.0-rc2
v6.0-rc3
v6.0-rc4
v6.0-rc5
v6.0-rc6
v6.0-rc7
v6.1
v6.1-rc1
v6.1-rc2
v6.1-rc3
v6.1-rc4
v6.1-rc5
v6.1-rc6
v6.1-rc7
v6.1-rc8
v6.10
v6.10-rc1
v6.10-rc2
v6.10-rc3
v6.10-rc4
v6.10-rc5
v6.10-rc6
v6.10-rc7
v6.11
v6.11-rc1
v6.11-rc2
v6.11-rc3
v6.11-rc4
v6.11-rc5
v6.11-rc6
v6.11-rc7
v6.12
v6.12-rc1
v6.12-rc2
v6.12-rc3
v6.12-rc4
v6.12-rc5
v6.12-rc6
v6.12-rc7
v6.12.1
v6.12.10
v6.12.11
v6.12.12
v6.12.13
v6.12.14
v6.12.15
v6.12.16
v6.12.17
v6.12.18
v6.12.19
v6.12.2
v6.12.20
v6.12.21
v6.12.22
v6.12.23
v6.12.24
v6.12.25
v6.12.26
v6.12.27
v6.12.28
v6.12.29
v6.12.3
v6.12.30
v6.12.31
v6.12.32
v6.12.33
v6.12.34
v6.12.35
v6.12.36
v6.12.37
v6.12.38
v6.12.39
v6.12.4
v6.12.40
v6.12.41
v6.12.42
v6.12.43
v6.12.44
v6.12.45
v6.12.46
v6.12.47
v6.12.48
v6.12.49
v6.12.5
v6.12.50
v6.12.51
v6.12.52
v6.12.53
v6.12.54
v6.12.55
v6.12.56
v6.12.6
v6.12.7
v6.12.8
v6.12.9
v6.13
v6.13-rc1
v6.13-rc2
v6.13-rc3
v6.13-rc4
v6.13-rc5
v6.13-rc6
v6.13-rc7
v6.14
v6.14-rc1
v6.14-rc2
v6.14-rc3
v6.14-rc4
v6.14-rc5
v6.14-rc6
v6.14-rc7
v6.14.1
v6.2
v6.2-rc1
v6.2-rc2
v6.2-rc3
v6.2-rc4
v6.2-rc5
v6.2-rc6
v6.2-rc7
v6.2-rc8
v6.3
v6.3-rc1
v6.3-rc2
v6.3-rc3
v6.3-rc4
v6.3-rc5
v6.3-rc6
v6.3-rc7
v6.4
v6.4-rc1
v6.4-rc2
v6.4-rc3
v6.4-rc4
v6.4-rc5
v6.4-rc6
v6.4-rc7
v6.5
v6.5-rc1
v6.5-rc2
v6.5-rc3
v6.5-rc4
v6.5-rc5
v6.5-rc6
v6.5-rc7
v6.6
v6.6-rc1
v6.6-rc2
v6.6-rc3
v6.6-rc4
v6.6-rc5
v6.6-rc6
v6.6-rc7
v6.7
v6.7-rc1
v6.7-rc2
v6.7-rc3
v6.7-rc4
v6.7-rc5
v6.7-rc6
v6.7-rc7
v6.7-rc8
v6.8
v6.8-rc1
v6.8-rc2
v6.8-rc3
v6.8-rc4
v6.8-rc5
v6.8-rc6
v6.8-rc7
v6.9
v6.9-rc1
v6.9-rc2
v6.9-rc3
v6.9-rc4
v6.9-rc5
v6.9-rc6
v6.9-rc7
Database specific
vanir_signatures
[
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@2dda0930fb79b847b4bfceb737577d0f6bc24d7d",
"signature_type": "Function",
"digest": {
"function_hash": "51608755665513816245488581792618828658",
"length": 2578.0
},
"deprecated": false,
"id": "CVE-2025-23130-1bc5bde5",
"target": {
"function": "get_new_segment",
"file": "fs/f2fs/segment.c"
},
"signature_version": "v1"
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@2dda0930fb79b847b4bfceb737577d0f6bc24d7d",
"signature_type": "Function",
"digest": {
"function_hash": "95224786424012045664921942006187521692",
"length": 2169.0
},
"deprecated": false,
"id": "CVE-2025-23130-3517388c",
"target": {
"function": "f2fs_expand_inode_data",
"file": "fs/f2fs/file.c"
},
"signature_version": "v1"
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@9392862608d081a8346a3b841f862d732fce954b",
"signature_type": "Function",
"digest": {
"function_hash": "6682993502133307865292933806412711764",
"length": 2477.0
},
"deprecated": false,
"id": "CVE-2025-23130-46c2c321",
"target": {
"function": "get_new_segment",
"file": "fs/f2fs/segment.c"
},
"signature_version": "v1"
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@2dda0930fb79b847b4bfceb737577d0f6bc24d7d",
"signature_type": "Line",
"digest": {
"line_hashes": [
"250374972581436840664727016217712906194",
"61355554961056124559400133601277061164",
"152835938847904082923067297889421119652",
"1286058473156772946267787649383159041",
"16759091255513142958415784137956764679",
"235880213614778457496133508507611487842",
"283965035368876578351165310955254353427",
"263172742498214731520122010431684900437",
"147166209719097384039308779912816392635",
"319789784515213032226045384120638810634",
"184577090187825340547789392926706861122",
"114224541906802616085789329340990979101",
"9433022480411229613669179149697637007",
"106188663251144687836735047621663315127",
"261946426967568002960400171161753229017",
"77835423905278725905459116092936622692",
"186735198902290142224266478370984800113",
"111410793926575005812274840285197053610",
"277432048321434058399741291105153273971",
"195514454816856743555190484402416948713",
"11506343289319747054376229871372015869",
"127817611036567068023699831786012168432",
"170103505736637264135963660808458503658",
"226210815802703354553990799815027517591"
],
"threshold": 0.9
},
"deprecated": false,
"id": "CVE-2025-23130-632b4b8c",
"target": {
"file": "fs/f2fs/segment.c"
},
"signature_version": "v1"
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@48ea8b200414ac69ea96f4c231f5c7ef1fbeffef",
"signature_type": "Line",
"digest": {
"line_hashes": [
"239795888455775214365905243448217560103",
"129697534867250862947053693056510148108",
"43124404698551460348323792370139829291",
"178560686095899511271066352885131499837",
"84736904455616237813934679204180331754",
"8474361708053761358218235383674606842",
"192268603954352127433249521214155906055",
"96082592582403264269367188748327152978",
"164600483543501612020480145963479379477",
"81725459740244383287614172548777946991",
"153976800515385576947157023283729531166",
"86884300203338712513970284509758067042",
"277986981908747642153651196883867606283",
"204714867260368896674703890181791363327"
],
"threshold": 0.9
},
"deprecated": false,
"id": "CVE-2025-23130-74383c74",
"target": {
"file": "fs/f2fs/file.c"
},
"signature_version": "v1"
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@48ea8b200414ac69ea96f4c231f5c7ef1fbeffef",
"signature_type": "Function",
"digest": {
"function_hash": "102079117436497230366534644103568243097",
"length": 690.0
},
"deprecated": false,
"id": "CVE-2025-23130-956c91af",
"target": {
"function": "new_curseg",
"file": "fs/f2fs/segment.c"
},
"signature_version": "v1"
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@9392862608d081a8346a3b841f862d732fce954b",
"signature_type": "Function",
"digest": {
"function_hash": "204447292052474407590869008517418011613",
"length": 2125.0
},
"deprecated": false,
"id": "CVE-2025-23130-a1c4595c",
"target": {
"function": "f2fs_expand_inode_data",
"file": "fs/f2fs/file.c"
},
"signature_version": "v1"
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@2dda0930fb79b847b4bfceb737577d0f6bc24d7d",
"signature_type": "Line",
"digest": {
"line_hashes": [
"239795888455775214365905243448217560103",
"129697534867250862947053693056510148108",
"43124404698551460348323792370139829291",
"178560686095899511271066352885131499837",
"84736904455616237813934679204180331754",
"8474361708053761358218235383674606842",
"192268603954352127433249521214155906055",
"96082592582403264269367188748327152978",
"164600483543501612020480145963479379477",
"81725459740244383287614172548777946991",
"153976800515385576947157023283729531166",
"86884300203338712513970284509758067042",
"277986981908747642153651196883867606283",
"204714867260368896674703890181791363327"
],
"threshold": 0.9
},
"deprecated": false,
"id": "CVE-2025-23130-ac2b3651",
"target": {
"file": "fs/f2fs/file.c"
},
"signature_version": "v1"
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@48ea8b200414ac69ea96f4c231f5c7ef1fbeffef",
"signature_type": "Function",
"digest": {
"function_hash": "204447292052474407590869008517418011613",
"length": 2125.0
},
"deprecated": false,
"id": "CVE-2025-23130-bfbf65f5",
"target": {
"function": "f2fs_expand_inode_data",
"file": "fs/f2fs/file.c"
},
"signature_version": "v1"
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@9392862608d081a8346a3b841f862d732fce954b",
"signature_type": "Line",
"digest": {
"line_hashes": [
"239795888455775214365905243448217560103",
"129697534867250862947053693056510148108",
"43124404698551460348323792370139829291",
"178560686095899511271066352885131499837",
"84736904455616237813934679204180331754",
"8474361708053761358218235383674606842",
"192268603954352127433249521214155906055",
"96082592582403264269367188748327152978",
"164600483543501612020480145963479379477",
"81725459740244383287614172548777946991",
"153976800515385576947157023283729531166",
"86884300203338712513970284509758067042",
"277986981908747642153651196883867606283",
"204714867260368896674703890181791363327"
],
"threshold": 0.9
},
"deprecated": false,
"id": "CVE-2025-23130-ce9308c8",
"target": {
"file": "fs/f2fs/file.c"
},
"signature_version": "v1"
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@2dda0930fb79b847b4bfceb737577d0f6bc24d7d",
"signature_type": "Function",
"digest": {
"function_hash": "102079117436497230366534644103568243097",
"length": 690.0
},
"deprecated": false,
"id": "CVE-2025-23130-d71f1860",
"target": {
"function": "new_curseg",
"file": "fs/f2fs/segment.c"
},
"signature_version": "v1"
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@48ea8b200414ac69ea96f4c231f5c7ef1fbeffef",
"signature_type": "Function",
"digest": {
"function_hash": "6682993502133307865292933806412711764",
"length": 2477.0
},
"deprecated": false,
"id": "CVE-2025-23130-e2e1c481",
"target": {
"function": "get_new_segment",
"file": "fs/f2fs/segment.c"
},
"signature_version": "v1"
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@48ea8b200414ac69ea96f4c231f5c7ef1fbeffef",
"signature_type": "Line",
"digest": {
"line_hashes": [
"250374972581436840664727016217712906194",
"61355554961056124559400133601277061164",
"152835938847904082923067297889421119652",
"1286058473156772946267787649383159041",
"16759091255513142958415784137956764679",
"235880213614778457496133508507611487842",
"283965035368876578351165310955254353427",
"263172742498214731520122010431684900437",
"147166209719097384039308779912816392635",
"319789784515213032226045384120638810634",
"184577090187825340547789392926706861122",
"114224541906802616085789329340990979101",
"9433022480411229613669179149697637007",
"106188663251144687836735047621663315127",
"261946426967568002960400171161753229017",
"77835423905278725905459116092936622692",
"186735198902290142224266478370984800113",
"111410793926575005812274840285197053610",
"277432048321434058399741291105153273971",
"195514454816856743555190484402416948713",
"11506343289319747054376229871372015869",
"127817611036567068023699831786012168432",
"170103505736637264135963660808458503658",
"226210815802703354553990799815027517591"
],
"threshold": 0.9
},
"deprecated": false,
"id": "CVE-2025-23130-e47494df",
"target": {
"file": "fs/f2fs/segment.c"
},
"signature_version": "v1"
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@9392862608d081a8346a3b841f862d732fce954b",
"signature_type": "Line",
"digest": {
"line_hashes": [
"250374972581436840664727016217712906194",
"61355554961056124559400133601277061164",
"152835938847904082923067297889421119652",
"1286058473156772946267787649383159041",
"16759091255513142958415784137956764679",
"235880213614778457496133508507611487842",
"283965035368876578351165310955254353427",
"263172742498214731520122010431684900437",
"147166209719097384039308779912816392635",
"319789784515213032226045384120638810634",
"184577090187825340547789392926706861122",
"114224541906802616085789329340990979101",
"9433022480411229613669179149697637007",
"106188663251144687836735047621663315127",
"261946426967568002960400171161753229017",
"77835423905278725905459116092936622692",
"186735198902290142224266478370984800113",
"111410793926575005812274840285197053610",
"277432048321434058399741291105153273971",
"195514454816856743555190484402416948713",
"11506343289319747054376229871372015869",
"127817611036567068023699831786012168432",
"170103505736637264135963660808458503658",
"226210815802703354553990799815027517591"
],
"threshold": 0.9
},
"deprecated": false,
"id": "CVE-2025-23130-f20781cf",
"target": {
"file": "fs/f2fs/segment.c"
},
"signature_version": "v1"
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@9392862608d081a8346a3b841f862d732fce954b",
"signature_type": "Function",
"digest": {
"function_hash": "102079117436497230366534644103568243097",
"length": 690.0
},
"deprecated": false,
"id": "CVE-2025-23130-fa374dc2",
"target": {
"function": "new_curseg",
"file": "fs/f2fs/segment.c"
},
"signature_version": "v1"
}
]