CVE-2025-39743

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2025-39743
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-39743.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2025-39743
Downstream
Related
Published
2025-09-11T16:52:17.043Z
Modified
2026-05-15T11:53:33.327196336Z
Summary
jfs: truncate good inode pages when hard link is 0
Details

In the Linux kernel, the following vulnerability has been resolved:

jfs: truncate good inode pages when hard link is 0

The fileset value of the inode copy from the disk by the reproducer is AGGRRESERVEDI. When executing evict, its hard link number is 0, so its inode pages are not truncated. This causes the bugon to be triggered when executing clear_inode() because nrpages is greater than 0.

Database specific 
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/39xxx/CVE-2025-39743.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
2.6.14
Fixed
5.4.297
Type
ECOSYSTEM
Events
Introduced
5.5.0
Fixed
5.10.241
Type
ECOSYSTEM
Events
Introduced
5.11.0
Fixed
5.15.190
Type
ECOSYSTEM
Events
Introduced
5.16.0
Fixed
6.1.149
Type
ECOSYSTEM
Events
Introduced
6.2.0
Fixed
6.6.103
Type
ECOSYSTEM
Events
Introduced
6.7.0
Fixed
6.12.43
Type
ECOSYSTEM
Events
Introduced
6.13.0
Fixed
6.15.11
Type
ECOSYSTEM
Events
Introduced
6.16.0
Fixed
6.16.2

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-39743.json"