CVE-2025-71107

MEDIUM
2026-01-14 416baaa9-dc9f-4396-8d5f-8c081fb06d67
5.5
CVSS 3.1
Share

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

4
Patch Released
Apr 09, 2026 - 08:30 nvd
Patch available
PoC Detected
Mar 25, 2026 - 19:33 vuln.today
Public exploit code
Analysis Generated
Mar 12, 2026 - 21:54 vuln.today
CVE Published
Jan 14, 2026 - 15:15 nvd
MEDIUM 5.5

Tags

Linux Debian Denial Of Service Null Pointer Dereference Linux Kernel Redhat Suse

Description

In the Linux kernel, the following vulnerability has been resolved: f2fs: ensure node page reads complete before f2fs_put_super() finishes Xfstests generic/335, generic/336 sometimes crash with the following message: F2FS-fs (dm-0): detect filesystem reference count leak during umount, type: 9, count: 1 ------------[ cut here ]------------ kernel BUG at fs/f2fs/super.c:1939! Oops: invalid opcode: 0000 [#1] SMP NOPTI CPU: 1 UID: 0 PID: 609351 Comm: umount Tainted: G W 6.17.0-rc5-xfstests-g9dd1835ecda5 #1 PREEMPT(none) Tainted: [W]=WARN Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 RIP: 0010:f2fs_put_super+0x3b3/0x3c0 Call Trace: <TASK> generic_shutdown_super+0x7e/0x190 kill_block_super+0x1a/0x40 kill_f2fs_super+0x9d/0x190 deactivate_locked_super+0x30/0xb0 cleanup_mnt+0xba/0x150 task_work_run+0x5c/0xa0 exit_to_user_mode_loop+0xb7/0xc0 do_syscall_64+0x1ae/0x1c0 entry_SYSCALL_64_after_hwframe+0x76/0x7e </TASK> ---[ end trace 0000000000000000 ]--- It appears that sometimes it is possible that f2fs_put_super() is called before all node page reads are completed. Adding a call to f2fs_wait_on_all_pages() for F2FS_RD_NODE fixes the problem.

Analysis

In the Linux kernel, the following vulnerability has been resolved:

f2fs: ensure node page reads complete before f2fs_put_super() finishes

Xfstests generic/335, generic/336 sometimes crash with the following message:

F2FS-fs (dm-0): detect filesystem reference count leak during umount, type: 9, count: 1 ------------[ cut here ]------------ kernel BUG at fs/f2fs/super.c:1939!

Technical Context

In the Linux kernel, the following vulnerability has been resolved:

f2fs: ensure node page reads complete before f2fs_put_super() finishes

Xfstests generic/335, generic/336 sometimes crash with the following message:

F2FS-fs (dm-0): detect filesystem reference count leak during umount, type: 9, count: 1

------------[ cut here ]------------

kernel BUG at fs/f2fs/super.c:1939!

Oops: invalid opcode: 0000 [#1] SMP NOPTI

CPU: 1 UID: 0 PID: 609351 Comm: umount Tainted: G W 6.17.0-r

Affected Products

In the Linux kernel, the following vulnerability has been resolved: f2fs: ensure node page reads complete before f2fs_put_super() finishes Xfstests

Remediation

Monitor vendor advisories for a patch.

Priority Score

48
Low Medium High Critical
KEV: 0
EPSS: +0.0
CVSS: +28
POC: +20

Vendor Status

Share

CVE-2025-71107 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy