CVE-2025-38626

Source
https://cve.org/CVERecord?id=CVE-2025-38626
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-38626.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2025-38626
Published
2025-08-22T16:00:34.867Z
Modified
2026-03-09T23:54:48.434852Z
Summary
f2fs: fix to trigger foreground gc during f2fs_map_blocks() in lfs mode
Details

In the Linux kernel, the following vulnerability has been resolved:

f2fs: fix to trigger foreground gc during f2fs_map_blocks() in lfs mode

w/ "mode=lfs" mount option, generic/299 will cause system panic as below:

------------[ cut here ]------------
kernel BUG at fs/f2fs/segment.c:2835!
Call Trace:
 <TASK>
 f2fs_allocate_data_block+0x6f4/0xc50
 f2fs_map_blocks+0x970/0x1550
 f2fs_iomap_begin+0xb2/0x1e0
 iomap_iter+0x1d6/0x430
 __iomap_dio_rw+0x208/0x9a0
 f2fs_file_write_iter+0x6b3/0xfa0
 aio_write+0x15d/0x2e0
 io_submit_one+0x55e/0xab0
 __x64_sys_io_submit+0xa5/0x230
 do_syscall_64+0x84/0x2f0
 entry_SYSCALL_64_after_hwframe+0x76/0x7e
RIP: 0010:new_curseg+0x70f/0x720

The root cause of why we run out of space is: in f2fs_map_blocks(), f2fs may trigger foreground gc only if it allocates any physical block, it will be a little bit later when there are multiple threads writing data w/ aio/dio/bufio method in parallel, since we always use OPU in lfs mode, so f2fs_map_blocks() does block allocations aggressively.

In order to fix this issue, let's give a chance to trigger foreground gc prior to block allocation in f2fs_map_blocks().

Database specific
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/38xxx/CVE-2025-38626.json"
}

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
36abef4e796d382e81a0c2d21ea5327481dd7154
Fixed
f289690f50a01c3e085d87853392d5b7436a4cee
Fixed
82765ce5c7a56f9309ee45328e763610eaf11253
Fixed
264ede8a52f18647ed5bb5f2bd9bf54f556ad8f5
Fixed
385e64a0744584397b4b52b27c96703516f39968
Fixed
1005a3ca28e90c7a64fa43023f866b960a60f791

Database specific

source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-38626.json"