In the Linux kernel, the following vulnerability has been resolved:
f2fs: fix to avoid potential deadlock
As Jiaming Zhang and syzbot reported, there is a potential deadlock in f2fs, as below:
Chain exists of:
  &sbi->cp_rwsem --> fs_reclaim --> sb_internal#2

 Possible unsafe locking scenario:

       CPU0                    CPU1
       ----                    ----
  rlock(sb_internal#2);
                               lock(fs_reclaim);
                               lock(sb_internal#2);
  rlock(&sbi->cp_rwsem);

 *** DEADLOCK ***

3 locks held by kswapd0/73:
 #0: ffffffff8e247a40 (fs_reclaim){+.+.}-{0:0}, at: balance_pgdat mm/vmscan.c:7015 [inline]
 #0: ffffffff8e247a40 (fs_reclaim){+.+.}-{0:0}, at: kswapd+0x951/0x2800 mm/vmscan.c:7389
 #1: ffff8880118400e0 (&type->s_umount_key#50){.+.+}-{4:4}, at: super_trylock_shared fs/super.c:562 [inline]
 #1: ffff8880118400e0 (&type->s_umount_key#50){.+.+}-{4:4}, at: super_cache_scan+0x91/0x4b0 fs/super.c:197
 #2: ffff888011840610 (sb_internal#2){.+.+}-{0:0}, at: f2fs_evict_inode+0x8d9/0x1b60 fs/f2fs/inode.c:890

stack backtrace:
CPU: 0 UID: 0 PID: 73 Comm: kswapd0 Not tainted syzkaller #0 PREEMPT(full)
Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
Call Trace:
 <TASK>
 dump_stack_lvl+0x189/0x250 lib/dump_stack.c:120
 print_circular_bug+0x2ee/0x310 kernel/locking/lockdep.c:2043
 check_noncircular+0x134/0x160 kernel/locking/lockdep.c:2175
 check_prev_add kernel/locking/lockdep.c:3165 [inline]
 check_prevs_add kernel/locking/lockdep.c:3284 [inline]
 validate_chain+0xb9b/0x2140 kernel/locking/lockdep.c:3908
 __lock_acquire+0xab9/0xd20 kernel/locking/lockdep.c:5237
 lock_acquire+0x120/0x360 kernel/locking/lockdep.c:5868
 down_read+0x46/0x2e0 kernel/locking/rwsem.c:1537
 f2fs_down_read fs/f2fs/f2fs.h:2278 [inline]
 f2fs_lock_op fs/f2fs/f2fs.h:2357 [inline]
 f2fs_do_truncate_blocks+0x21c/0x10c0 fs/f2fs/file.c:791
 f2fs_truncate_blocks+0x10a/0x300 fs/f2fs/file.c:867
 f2fs_truncate+0x489/0x7c0 fs/f2fs/file.c:925
 f2fs_evict_inode+0x9f2/0x1b60 fs/f2fs/inode.c:897
 evict+0x504/0x9c0 fs/inode.c:810
 f2fs_evict_inode+0x1dc/0x1b60 fs/f2fs/inode.c:853
 evict+0x504/0x9c0 fs/inode.c:810
 dispose_list fs/inode.c:852 [inline]
 prune_icache_sb+0x21b/0x2c0 fs/inode.c:1000
 super_cache_scan+0x39b/0x4b0 fs/super.c:224
 do_shrink_slab+0x6ef/0x1110 mm/shrinker.c:437
 shrink_slab_memcg mm/shrinker.c:550 [inline]
 shrink_slab+0x7ef/0x10d0 mm/shrinker.c:628
 shrink_one+0x28a/0x7c0 mm/vmscan.c:4955
 shrink_many mm/vmscan.c:5016 [inline]
 lru_gen_shrink_node mm/vmscan.c:5094 [inline]
 shrink_node+0x315d/0x3780 mm/vmscan.c:6081
 kswapd_shrink_node mm/vmscan.c:6941 [inline]
 balance_pgdat mm/vmscan.c:7124 [inline]
 kswapd+0x147c/0x2800 mm/vmscan.c:7389
 kthread+0x70e/0x8a0 kernel/kthread.c:463
 ret_from_fork+0x4bc/0x870 arch/x86/kernel/process.c:158
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
 </TASK>
The root cause is a deadlock among four locks, as below:
kswapd
- fs_reclaim                           --- Lock A
 - shrink_one
  - evict
   - f2fs_evict_inode
    - sb_start_intwrite                --- Lock B

ioctl
- f2fs_ioc_commit_atomic_write
 - f2fs_lock_op                        --- Lock C
  - __f2fs_commit_atomic_write
   - __replace_atomic_write_block
    - f2fs_get_dnode_of_data
     - __get_node_folio
      - f2fs_check_nid_range
       - f2fs_handle_error
        - f2fs_record_errors
         - f2fs_down_write             --- Lock D

open
- do_open
 - do_truncate
  - security_inode_need_killpriv
   - f2fs_getxattr
    - lookup_all_xattrs
     - f2fs_handle_error
      - f2fs_record_errors
       - f2fs_down_write               --- Lock D
        - f2fs_commit_super
         - read_mapping_folio
          - filemap_alloc_folio_noprof
           - prepare_alloc_pages
            - fs_reclaim_acquire       --- Lock A
In order to a ---truncated---
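The four-lock cycle described in the commit message, as an added example that is not part of the CVE record or of the f2fs code: a small C model of the lock-order graph that lockdep builds and checks in check_noncircular(). It records an edge from every lock a task holds to each lock it then takes, feeds in the three call chains above (kswapd, ioctl, open), and searches the graph for a cycle. The lock names fs_reclaim, sb_internal and cp_rwsem are taken from the lockdep report; the name sb_lock for Lock D is my assumption for the rwsem that f2fs_record_errors() takes through f2fs_down_write(), and the edges are only the ones the page lists, not the kernel's real dependency tables.

```c
/*
 * Added example, not kernel code: a toy lock-order graph in the spirit of
 * lockdep's check_noncircular(), built from the three call chains quoted
 * in the commit message. Assumed names: "sb_lock" for Lock D, the rwsem
 * behind f2fs_record_errors()'s f2fs_down_write() call.
 */
#include <stdio.h>
#include <string.h>

#define NLOCKS 4
/* Lock labels follow the commit message: A, B, C, D. */
enum { FS_RECLAIM, SB_INTERNAL, CP_RWSEM, SB_LOCK };
static const char *const lock_name[NLOCKS] = {
	"fs_reclaim",	/* Lock A */
	"sb_internal",	/* Lock B, taken by sb_start_intwrite() */
	"cp_rwsem",	/* Lock C, taken by f2fs_lock_op() */
	"sb_lock",	/* Lock D (assumed name), taken by f2fs_record_errors() */
};

/* edge[a][b] == 1 means lock b was acquired while lock a was held. */
struct lock_graph { unsigned char edge[NLOCKS][NLOCKS]; };
/* One task's stack of currently held locks. */
struct task { int held[NLOCKS]; int depth; };

/* Record the dependency from every held lock to the newly taken one. */
static void acquire(struct lock_graph *g, struct task *t, int lock)
{
	for (int i = 0; i < t->depth; i++)
		g->edge[t->held[i]][lock] = 1;
	t->held[t->depth++] = lock;
}

static void release_all(struct task *t) { t->depth = 0; }

/* The three chains from the commit message, as lockdep would see them. */
void build_f2fs_graph(struct lock_graph *g)
{
	struct task t = { .depth = 0 };
	memset(g, 0, sizeof(*g));

	/* kswapd: fs_reclaim, then sb_start_intwrite() in f2fs_evict_inode(),
	 * then f2fs_lock_op() from f2fs_do_truncate_blocks() (see backtrace). */
	acquire(g, &t, FS_RECLAIM);
	acquire(g, &t, SB_INTERNAL);
	acquire(g, &t, CP_RWSEM);
	release_all(&t);

	/* ioctl: f2fs_lock_op(), then f2fs_record_errors() -> f2fs_down_write(). */
	acquire(g, &t, CP_RWSEM);
	acquire(g, &t, SB_LOCK);
	release_all(&t);

	/* open: f2fs_record_errors() -> f2fs_commit_super() -> page allocation
	 * -> fs_reclaim_acquire(). */
	acquire(g, &t, SB_LOCK);
	acquire(g, &t, FS_RECLAIM);
	release_all(&t);
}

/* Depth-first search for a path from 'node' back to 'target'. A node that
 * was fully explored without reaching target never needs revisiting. */
static int dfs(const struct lock_graph *g, int node, int target,
	       int *visited, int *path, int depth, int *out_len)
{
	path[depth] = node;
	visited[node] = 1;
	for (int next = 0; next < NLOCKS; next++) {
		if (!g->edge[node][next])
			continue;
		if (next == target) {		/* closed the loop */
			path[depth + 1] = target;
			*out_len = depth + 2;
			return 1;
		}
		if (!visited[next] &&
		    dfs(g, next, target, visited, path, depth + 1, out_len))
			return 1;
	}
	return 0;
}

/* Returns 1 and fills path[0..len-1] (first == last == start) on a cycle. */
int find_cycle(const struct lock_graph *g, int start, int *path, int *len)
{
	int visited[NLOCKS] = { 0 };
	*len = 0;
	return dfs(g, start, start, visited, path, 0, len);
}

int graph_has_cycle(const struct lock_graph *g)
{
	int path[NLOCKS + 1], len;
	for (int s = 0; s < NLOCKS; s++)
		if (find_cycle(g, s, path, &len))
			return 1;
	return 0;
}

/* Would a cycle remain if the dependency from->to were removed, i.e. if a
 * fix made that acquisition happen without the other lock held? */
int cycle_survives_without(const struct lock_graph *g, int from, int to)
{
	struct lock_graph copy = *g;
	copy.edge[from][to] = 0;
	return graph_has_cycle(&copy);
}

int main(void)
{
	struct lock_graph g;
	int path[NLOCKS + 1], len;

	build_f2fs_graph(&g);
	if (find_cycle(&g, FS_RECLAIM, path, &len)) {
		printf("lock-order cycle:");
		for (int i = 0; i < len; i++)
			printf(" %s%s", lock_name[path[i]], i + 1 < len ? " -->" : "\n");
	}
	printf("drop sb_internal->cp_rwsem: cycle %s\n",
	       cycle_survives_without(&g, SB_INTERNAL, CP_RWSEM) ? "survives" : "gone");
	printf("drop sb_lock->fs_reclaim:   cycle %s\n",
	       cycle_survives_without(&g, SB_LOCK, FS_RECLAIM) ? "survives" : "gone");
	return 0;
}
```

Run stand-alone, the model reports the cycle fs_reclaim --> sb_internal --> cp_rwsem --> sb_lock --> fs_reclaim. The second check is the practitioner's point: because kswapd already holds fs_reclaim when it reaches f2fs_lock_op(), lockdep also records a direct fs_reclaim --> cp_rwsem dependency, so removing only the sb_internal --> cp_rwsem edge leaves a shorter cycle in place. Cutting the Lock C --> Lock D or Lock D --> Lock A dependency does clear the graph; which of these the actual fix chose is not stated in the truncated text above.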
{
"osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/71xxx/CVE-2025-71065.json",
"cna_assigner": "Linux"
}