CVE-2025-38333

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2025-38333
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-38333.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2025-38333
Downstream
Published
2025-07-10T08:15:05.768Z
Modified
2026-03-09T23:57:58.864211Z
Summary
f2fs: fix to bail out in get_new_segment()
Details

In the Linux kernel, the following vulnerability has been resolved:

f2fs: fix to bail out in getnewsegment()

------------[ cut here ]------------ WARNING: CPU: 3 PID: 579 at fs/f2fs/segment.c:2832 newcurseg+0x5e8/0x6dc pc : newcurseg+0x5e8/0x6dc Call trace: newcurseg+0x5e8/0x6dc f2fsallocatedatablock+0xa54/0xe28 dowritepage+0x6c/0x194 f2fsdowritenodepage+0x38/0x78 __writenodepage+0x248/0x6d4 f2fs_syncnodepages+0x524/0x72c f2fswritecheckpoint+0x4bc/0x9b0 _checkpointandcompletereqs+0x80/0x244 issuecheckpointthread+0x8c/0xec kthread+0x114/0x1bc retfromfork+0x10/0x20

getnewsegment() detects inconsistent status in between freesegmap and freesecmap, let's record such error into super block, and bail out getnewsegment() instead of continue using the segment.

Database specific 
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/38xxx/CVE-2025-38333.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
98e4da8ca301e062d79ae168c67e56f3c3de3ce4
Fixed
f0023d7a2a86999c8e1300e911d92f995a5310a8
Fixed
ca860f507a61c7c3d4dde47b830a5c0d555cf83c
Fixed
bb5eb8a5b222fa5092f60d5555867a05ebc3bdf2

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-38333.json"