In the Linux kernel, the following vulnerability has been resolved:
f2fs: quota: fix to avoid warning in dquotwritebackdquots()
F2FS-fs (dm-59): checkpoint=enable has some unwritten data.
------------[ cut here ]------------ WARNING: CPU: 6 PID: 8013 at fs/quota/dquot.c:691 dquotwritebackdquots+0x2fc/0x308 pc : dquotwritebackdquots+0x2fc/0x308 lr : f2fsquotasync+0xcc/0x1c4 Call trace: dquotwritebackdquots+0x2fc/0x308 f2fsquotasync+0xcc/0x1c4 f2fswritecheckpoint+0x3d4/0x9b0 f2fsissuecheckpoint+0x1bc/0x2c0 f2fssyncfs+0x54/0x150 f2fsdosyncfile+0x2f8/0x814 _f2fsioctl+0x1960/0x3244 f2fsioctl+0x54/0xe0 _arm64sysioctl+0xa8/0xe4 invokesyscall+0x58/0x114
checkpoint and f2fsremount may race as below, resulting triggering warning in dquotwriteback_dquots().
atomic write remount - doremount - downwrite(&sb->sumount); - f2fsremount - ioctl - f2fsdosyncfile - f2fssyncfs - f2fswritecheckpoint - blockoperations - locked = downreadtrylock(&sbi->sb->sumount) : fail to lock due to the write lock was held by remount - upwrite(&sb->sumount); - f2fsquotasync - dquotwritebackdquots - WARNONONCE(!rwsemislocked(&sb->sumount)) : trigger warning because s_umount lock was unlocked by remount
If checkpoint comes from mount/umount/remount/freeze/quotactl, caller of checkpoint has already held sumount lock, calling dquotwriteback_dquots() in the context should be safe.
So let's record task to sbi->umountlockholder, so that checkpoint can know whether the lock has held in the context or not by checking current w/ it.
In addition, in order to not misrepresent caller of checkpoint, we should not allow to trigger async checkpoint for those callers: mount/umount/remount/ freeze/quotactl.
[
{
"digest": {
"function_hash": "261497593396387087391956963783562034519",
"length": 6242.0
},
"id": "CVE-2025-23132-16521949",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@eb85c2410d6f581e957cd03a644ff6ddbe592af9",
"signature_version": "v1",
"deprecated": false,
"target": {
"function": "f2fs_remount",
"file": "fs/f2fs/super.c"
},
"signature_type": "Function"
},
{
"digest": {
"function_hash": "123934039997486770458418698464490605645",
"length": 10204.0
},
"id": "CVE-2025-23132-1b9ec746",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@eb85c2410d6f581e957cd03a644ff6ddbe592af9",
"signature_version": "v1",
"deprecated": false,
"target": {
"function": "f2fs_fill_super",
"file": "fs/f2fs/super.c"
},
"signature_type": "Function"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"335776930927916366894240690743982974203",
"146058239616586669323462632693650522505",
"172077289751655321230985734380517373047",
"254829279740140616706238050248716789674",
"208338446249875343543675472660783900582",
"198930959946899450686014422361351981193",
"99333794163152585086946142513925363895",
"227338563310051837133654870549133211469"
]
},
"id": "CVE-2025-23132-1c75da45",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@eb85c2410d6f581e957cd03a644ff6ddbe592af9",
"signature_version": "v1",
"deprecated": false,
"target": {
"file": "fs/f2fs/f2fs.h"
},
"signature_type": "Line"
},
{
"digest": {
"function_hash": "242016810009230490696086358855065666825",
"length": 719.0
},
"id": "CVE-2025-23132-3e19a897",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d7acf0a6c87aa282c86a36dbaa2f92fda88c5884",
"signature_version": "v1",
"deprecated": false,
"target": {
"function": "f2fs_issue_checkpoint",
"file": "fs/f2fs/checkpoint.c"
},
"signature_type": "Function"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"150764800673509315327175625927935617625",
"256439824399722556618837200769926214591",
"226153196480109776223656281763354872925",
"306843972025039451556439455384486628788",
"46219735806318010875455555828073989351",
"331020437515222967540702859036476113760",
"209314728919958394113133089304749111663",
"338675704557783215602070432076180415823",
"174174466476483345228953630153147594397",
"37864143300430864881079272354167258619",
"163090180060112429266071458996347638635",
"278392023511141611279617682165042658323",
"202458647728975547015147082138264769914",
"154790684364317023836971845500435300874",
"252954053050117667920845689071221519068"
]
},
"id": "CVE-2025-23132-3e908a85",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d7acf0a6c87aa282c86a36dbaa2f92fda88c5884",
"signature_version": "v1",
"deprecated": false,
"target": {
"file": "fs/f2fs/checkpoint.c"
},
"signature_type": "Line"
},
{
"digest": {
"function_hash": "302293734187982796670174838855352883007",
"length": 316.0
},
"id": "CVE-2025-23132-4273f610",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d7acf0a6c87aa282c86a36dbaa2f92fda88c5884",
"signature_version": "v1",
"deprecated": false,
"target": {
"function": "f2fs_freeze",
"file": "fs/f2fs/super.c"
},
"signature_type": "Function"
},
{
"digest": {
"function_hash": "86022051421020035943957881259417258239",
"length": 219.0
},
"id": "CVE-2025-23132-5136e1dc",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d7acf0a6c87aa282c86a36dbaa2f92fda88c5884",
"signature_version": "v1",
"deprecated": false,
"target": {
"function": "f2fs_quota_off",
"file": "fs/f2fs/super.c"
},
"signature_type": "Function"
},
{
"digest": {
"function_hash": "62935415655496554588125453813683291618",
"length": 1560.0
},
"id": "CVE-2025-23132-56af233a",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@eb85c2410d6f581e957cd03a644ff6ddbe592af9",
"signature_version": "v1",
"deprecated": false,
"target": {
"function": "block_operations",
"file": "fs/f2fs/checkpoint.c"
},
"signature_type": "Function"
},
{
"digest": {
"function_hash": "261497593396387087391956963783562034519",
"length": 6242.0
},
"id": "CVE-2025-23132-608cadad",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d7acf0a6c87aa282c86a36dbaa2f92fda88c5884",
"signature_version": "v1",
"deprecated": false,
"target": {
"function": "f2fs_remount",
"file": "fs/f2fs/super.c"
},
"signature_type": "Function"
},
{
"digest": {
"function_hash": "302293734187982796670174838855352883007",
"length": 316.0
},
"id": "CVE-2025-23132-633a8308",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@eb85c2410d6f581e957cd03a644ff6ddbe592af9",
"signature_version": "v1",
"deprecated": false,
"target": {
"function": "f2fs_freeze",
"file": "fs/f2fs/super.c"
},
"signature_type": "Function"
},
{
"digest": {
"function_hash": "197251427134477503947633877458251774287",
"length": 748.0
},
"id": "CVE-2025-23132-85d51354",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d7acf0a6c87aa282c86a36dbaa2f92fda88c5884",
"signature_version": "v1",
"deprecated": false,
"target": {
"function": "f2fs_quota_on",
"file": "fs/f2fs/super.c"
},
"signature_type": "Function"
},
{
"digest": {
"function_hash": "62935415655496554588125453813683291618",
"length": 1560.0
},
"id": "CVE-2025-23132-8d8ce7e8",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d7acf0a6c87aa282c86a36dbaa2f92fda88c5884",
"signature_version": "v1",
"deprecated": false,
"target": {
"function": "block_operations",
"file": "fs/f2fs/checkpoint.c"
},
"signature_type": "Function"
},
{
"digest": {
"function_hash": "123934039997486770458418698464490605645",
"length": 10204.0
},
"id": "CVE-2025-23132-a746a3c1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d7acf0a6c87aa282c86a36dbaa2f92fda88c5884",
"signature_version": "v1",
"deprecated": false,
"target": {
"function": "f2fs_fill_super",
"file": "fs/f2fs/super.c"
},
"signature_type": "Function"
},
{
"digest": {
"function_hash": "242016810009230490696086358855065666825",
"length": 719.0
},
"id": "CVE-2025-23132-a8b7625b",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@eb85c2410d6f581e957cd03a644ff6ddbe592af9",
"signature_version": "v1",
"deprecated": false,
"target": {
"function": "f2fs_issue_checkpoint",
"file": "fs/f2fs/checkpoint.c"
},
"signature_type": "Function"
},
{
"digest": {
"function_hash": "197251427134477503947633877458251774287",
"length": 748.0
},
"id": "CVE-2025-23132-b2886146",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@eb85c2410d6f581e957cd03a644ff6ddbe592af9",
"signature_version": "v1",
"deprecated": false,
"target": {
"function": "f2fs_quota_on",
"file": "fs/f2fs/super.c"
},
"signature_type": "Function"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"150764800673509315327175625927935617625",
"256439824399722556618837200769926214591",
"226153196480109776223656281763354872925",
"306843972025039451556439455384486628788",
"46219735806318010875455555828073989351",
"331020437515222967540702859036476113760",
"209314728919958394113133089304749111663",
"338675704557783215602070432076180415823",
"174174466476483345228953630153147594397",
"37864143300430864881079272354167258619",
"163090180060112429266071458996347638635",
"278392023511141611279617682165042658323",
"202458647728975547015147082138264769914",
"154790684364317023836971845500435300874",
"252954053050117667920845689071221519068"
]
},
"id": "CVE-2025-23132-c8e8f024",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@eb85c2410d6f581e957cd03a644ff6ddbe592af9",
"signature_version": "v1",
"deprecated": false,
"target": {
"file": "fs/f2fs/checkpoint.c"
},
"signature_type": "Line"
},
{
"digest": {
"function_hash": "86022051421020035943957881259417258239",
"length": 219.0
},
"id": "CVE-2025-23132-d226abce",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@eb85c2410d6f581e957cd03a644ff6ddbe592af9",
"signature_version": "v1",
"deprecated": false,
"target": {
"function": "f2fs_quota_off",
"file": "fs/f2fs/super.c"
},
"signature_type": "Function"
},
{
"digest": {
"function_hash": "175483827005764783666337113239926112929",
"length": 675.0
},
"id": "CVE-2025-23132-dd6039c0",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d7acf0a6c87aa282c86a36dbaa2f92fda88c5884",
"signature_version": "v1",
"deprecated": false,
"target": {
"function": "kill_f2fs_super",
"file": "fs/f2fs/super.c"
},
"signature_type": "Function"
},
{
"digest": {
"function_hash": "175483827005764783666337113239926112929",
"length": 675.0
},
"id": "CVE-2025-23132-e13f1b98",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@eb85c2410d6f581e957cd03a644ff6ddbe592af9",
"signature_version": "v1",
"deprecated": false,
"target": {
"function": "kill_f2fs_super",
"file": "fs/f2fs/super.c"
},
"signature_type": "Function"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"327442800520596304187243132919252796983",
"109472730145525724957480965902601325533",
"163953352601662758915557305852981992988",
"146653519952948786071538413826656414637",
"278591483187887102993981935377654223193",
"295173099861878831671432914836464030756",
"34325750991844532679807079126453304633",
"260120923175817047609080066046657307582",
"272687369542196526862945346995408482221",
"262258217978329060236818656335024392488",
"222178239919668354517312995270199261335",
"187499576269359147650997110353714485086",
"11676331217041385978092186054157556879",
"23870932575144384104273569288140448827",
"234041546265453292846872048087359199315",
"323374754433126321453340591074035150809",
"188449140536857782159819477884511704937",
"197544439373034341810080713276842969412",
"153349865046592865008787882262272597444",
"187701900009821217845576171478791954347",
"51523356647072415529973806522706056282",
"331411197851706031595791698626257154479",
"200648340404002698713230540883617237878",
"291937153109455865676966426905539135210",
"324223191412104588612265949222022942182",
"17913398821279964592949039738205323133",
"269433130191501427656357083996503776922",
"330987064347790367634085624996340091733",
"91223936914409441924813254414425619604",
"325378173573443472275361112463415644103",
"287579530890743514356978145267309982593",
"319939567335472273097174297889272027050",
"291811486281850887540243766547564767893",
"249647870867259750335089943664788441150",
"144265963491340248649473478542190540478",
"91948498411037382251476625793271228386",
"295792618341142664466127093094173492365",
"43081570664819921477546944879552109498",
"66107758496703185330263274402629233883",
"124926197069569629947393370760380026219",
"334188617176674857886728141985345768541",
"228369586563984698987006543878782700669",
"15798563826191010740947559150313298885",
"116863202642129286025878451680058762153",
"146277454325637818608687508793602003284",
"282004411876828035740330674150369964221",
"79918147484948303670356420068628303066",
"297300581836620491960506091451001883479",
"34844825005713743191720144609459978375",
"254478915897729469762296777279698731818",
"144296963873065578061840368753581589770",
"127859909330469910467338740705109130345",
"273015508789865742586552124561511175794",
"282224701178329475503221609757192880584",
"284161922811979258489583642615674636622",
"58593508189758836950952652704422505017",
"17247778764735300105341207209417487563",
"190616173423159807202218847752286888236",
"209341386259323223842833003972044027539",
"287711641836005354376935545631986258634",
"281815504387118393394517380859447603999",
"322651939004067436244751446792572730145",
"334042287484291639195884190704547119226",
"238156945584149944304603422223692235090",
"291998343075558143145056332353818344932",
"274740897342438651608626208409070752444",
"266452081818082117965000575381612727470",
"250057498403211640630312653588051654762",
"81871117521630270382971428919095441160",
"118235385216770947483563288284910559204",
"294055014197486619457410433819893385744",
"127866950746823654255049473701566458552",
"249522155415844421716126744960412313602",
"86505778237510115128788347868472588415",
"268819242831409397927316799491267877278",
"157202305345355470670489834655954068613",
"148425567089264707117332363482736578814",
"323547897254938510978234447173907048166",
"262910271944081895553041647437912678629",
"339075066812383654504456629127777366662",
"93647333721641404377826143326150395241",
"174122158033938482596942383839342960298"
]
},
"id": "CVE-2025-23132-e7a8c781",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d7acf0a6c87aa282c86a36dbaa2f92fda88c5884",
"signature_version": "v1",
"deprecated": false,
"target": {
"file": "fs/f2fs/super.c"
},
"signature_type": "Line"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"327442800520596304187243132919252796983",
"109472730145525724957480965902601325533",
"163953352601662758915557305852981992988",
"146653519952948786071538413826656414637",
"278591483187887102993981935377654223193",
"295173099861878831671432914836464030756",
"34325750991844532679807079126453304633",
"260120923175817047609080066046657307582",
"272687369542196526862945346995408482221",
"262258217978329060236818656335024392488",
"222178239919668354517312995270199261335",
"187499576269359147650997110353714485086",
"11676331217041385978092186054157556879",
"23870932575144384104273569288140448827",
"234041546265453292846872048087359199315",
"323374754433126321453340591074035150809",
"188449140536857782159819477884511704937",
"197544439373034341810080713276842969412",
"153349865046592865008787882262272597444",
"187701900009821217845576171478791954347",
"51523356647072415529973806522706056282",
"331411197851706031595791698626257154479",
"200648340404002698713230540883617237878",
"291937153109455865676966426905539135210",
"324223191412104588612265949222022942182",
"17913398821279964592949039738205323133",
"269433130191501427656357083996503776922",
"330987064347790367634085624996340091733",
"91223936914409441924813254414425619604",
"325378173573443472275361112463415644103",
"287579530890743514356978145267309982593",
"319939567335472273097174297889272027050",
"291811486281850887540243766547564767893",
"249647870867259750335089943664788441150",
"144265963491340248649473478542190540478",
"91948498411037382251476625793271228386",
"295792618341142664466127093094173492365",
"43081570664819921477546944879552109498",
"66107758496703185330263274402629233883",
"124926197069569629947393370760380026219",
"334188617176674857886728141985345768541",
"228369586563984698987006543878782700669",
"15798563826191010740947559150313298885",
"116863202642129286025878451680058762153",
"146277454325637818608687508793602003284",
"282004411876828035740330674150369964221",
"79918147484948303670356420068628303066",
"297300581836620491960506091451001883479",
"34844825005713743191720144609459978375",
"254478915897729469762296777279698731818",
"144296963873065578061840368753581589770",
"127859909330469910467338740705109130345",
"273015508789865742586552124561511175794",
"282224701178329475503221609757192880584",
"284161922811979258489583642615674636622",
"58593508189758836950952652704422505017",
"17247778764735300105341207209417487563",
"190616173423159807202218847752286888236",
"209341386259323223842833003972044027539",
"287711641836005354376935545631986258634",
"281815504387118393394517380859447603999",
"322651939004067436244751446792572730145",
"334042287484291639195884190704547119226",
"238156945584149944304603422223692235090",
"291998343075558143145056332353818344932",
"274740897342438651608626208409070752444",
"266452081818082117965000575381612727470",
"250057498403211640630312653588051654762",
"81871117521630270382971428919095441160",
"118235385216770947483563288284910559204",
"294055014197486619457410433819893385744",
"127866950746823654255049473701566458552",
"249522155415844421716126744960412313602",
"86505778237510115128788347868472588415",
"268819242831409397927316799491267877278",
"157202305345355470670489834655954068613",
"148425567089264707117332363482736578814",
"323547897254938510978234447173907048166",
"262910271944081895553041647437912678629",
"339075066812383654504456629127777366662",
"93647333721641404377826143326150395241",
"174122158033938482596942383839342960298"
]
},
"id": "CVE-2025-23132-ebf128f4",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@eb85c2410d6f581e957cd03a644ff6ddbe592af9",
"signature_version": "v1",
"deprecated": false,
"target": {
"file": "fs/f2fs/super.c"
},
"signature_type": "Line"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"335776930927916366894240690743982974203",
"146058239616586669323462632693650522505",
"172077289751655321230985734380517373047",
"254829279740140616706238050248716789674",
"208338446249875343543675472660783900582",
"198930959946899450686014422361351981193",
"99333794163152585086946142513925363895",
"227338563310051837133654870549133211469"
]
},
"id": "CVE-2025-23132-fec2d4ae",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d7acf0a6c87aa282c86a36dbaa2f92fda88c5884",
"signature_version": "v1",
"deprecated": false,
"target": {
"file": "fs/f2fs/f2fs.h"
},
"signature_type": "Line"
}
]