DEBIAN-CVE-2025-71072
- Source
- https://security-tracker.debian.org/tracker/CVE-2025-71072
- Import Source
- https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2025-71072.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/DEBIAN-CVE-2025-71072
- Upstream
- Downstream
- Published
- 2026-01-13T16:16:06.633Z
- Modified
- 2026-02-10T08:44:12.753951Z
- Summary
- [none]
- Details
-
In the Linux kernel, the following vulnerability has been resolved: shmem: fix recovery on rename failures mapletree insertions can fail if we are seriously short on memory; simpleoffsetrename() does not recover well if it runs into that. The same goes for simpleoffsetrenameexchange(). Moreover, shmemwhiteout() expects that if it succeeds, the caller will progress to dmove(), i.e. that shmemrename2() won't fail past the successful call of shmemwhiteout(). Not hard to fix, fortunately - mtreestore() can't fail if the index we are trying to store into is already present in the tree as a singleton. For simpleoffsetrenameexchange() that's enough - we just need to be careful about the order of operations. For simpleoffsetrename() solution is to preinsert the target into the tree for newdir; the rest can be done without any potentially failing operations. That preinsertion has to be done in shmemrename2() rather than in simpleoffsetrename() itself - otherwise we'd need to deal with the possibility of failure after successful shmem_whiteout().
- References
Affected packages
Debian:13 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed6.12.69-1
Debian:14 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed6.18.3-1