Linux Kernel
CVE-2025-71237
MEDIUM
Severity by source
AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Primary rating from NVD.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Lifecycle Timeline
3DescriptionCVE.org
In the Linux kernel, the following vulnerability has been resolved:
nilfs2: Fix potential block overflow that cause system hang
When a user executes the FITRIM command, an underflow can occur when calculating nblocks if end_block is too small. Since nblocks is of type sector_t, which is u64, a negative nblocks value will become a very large positive integer. This ultimately leads to the block layer function __blkdev_issue_discard() taking an excessively long time to process the bio chain, and the ns_segctor_sem lock remains held for a long period. This prevents other tasks from acquiring the ns_segctor_sem lock, resulting in the hang reported by syzbot in [1].
If the ending block is too small, typically if it is smaller than 4KiB range, depending on the usage of the segment 0, it may be possible to attempt a discard request beyond the device size causing the hang.
Exiting successfully and assign the discarded size (0 in this case) to range->len.
Although the start and len values in the user input range are too small, a conservative strategy is adopted here to safely ignore them, which is equivalent to a no-op; it will not perform any trimming and will not throw an error.
[1] task:segctord state:D stack:28968 pid:6093 tgid:6093 ppid:2 task_flags:0x200040 flags:0x00080000 Call Trace: rwbase_write_lock+0x3dd/0x750 kernel/locking/rwbase_rt.c:272 nilfs_transaction_lock+0x253/0x4c0 fs/nilfs2/segment.c:357 nilfs_segctor_thread_construct fs/nilfs2/segment.c:2569 [inline] nilfs_segctor_thread+0x6ec/0xe00 fs/nilfs2/segment.c:2684
[ryusuke: corrected part of the commit message about the consequences]
AnalysisAI
In the Linux kernel, the following vulnerability has been resolved:
nilfs2: Fix potential block overflow that cause system hang
When a user executes the FITRIM command, an underflow can occur when calculating nblocks if end_block is too small.
Technical ContextAI
In the Linux kernel, the following vulnerability has been resolved:
nilfs2: Fix potential block overflow that cause system hang
When a user executes the FITRIM command, an underflow can occur when calculating nblocks if end_block is too small. Since nblocks is of type sector_t, which is u64, a negative nblocks value will become a very large positive integer. This ultimately leads to the block layer function __blkdev_issue_discard() taking an excessively long time to process the bio chain, and
RemediationAI
Monitor vendor advisories for a patch.
More in Linux Kernel
View allLinux kernel contains a flaw known as 'Dirty Pipe' where improper pipe buffer flag initialization allows unprivileged lo
The overlayfs implementation in the linux (aka Linux kernel) package before 3.19.0-21.21 in Ubuntu through 15.04 does no
The packet_set_ring function in net/packet/af_packet.c in the Linux kernel through 4.10.6 does not properly validate cer
The check_alu_op function in kernel/bpf/verifier.c in the Linux kernel through 4.4 allows local users to cause a denial
Linux kernel: Exploitable memory corruption due to UFO to non-UFO path switch. Rated high severity (CVSS 7.0). Public ex
The ovl_setattr function in fs/overlayfs/inode.c in the Linux kernel through 4.3.3 attempts to merge distinct setattr op
The mem_write function in the Linux kernel before 3.2.2, when ASLR is disabled, does not properly check permissions when
The compat_sys_recvmmsg function in net/compat.c in the Linux kernel before 3.13.2, when CONFIG_X86_X32 is enabled, allo
Race condition in net/packet/af_packet.c in the Linux kernel through 4.8.12 allows local users to gain privileges or cau
The join_session_keyring function in security/keys/process_keys.c in the Linux kernel before 4.4.1 mishandles object ref
A remote code execution vulnerability in the Broadcom Wi-Fi firmware could enable a remote attacker to execute arbitrary
It was discovered that the cls_route filter implementation in the Linux kernel would not remove an old filter from the h
Same technique Buffer Overflow
View allVendor StatusVendor
SUSE
Severity: Medium| Product | Status |
|---|---|
| openSUSE Tumbleweed | Fixed |
| SUSE Linux Enterprise Desktop 15 SP7 | Fixed |
| SUSE Linux Enterprise Desktop 15 SP7 | Fixed |
| SUSE Linux Enterprise High Availability Extension 15 SP7 | Fixed |
| SUSE Linux Enterprise High Availability Extension 15 SP7 | Fixed |
| SUSE Linux Enterprise High Performance Computing 15 SP7 | Fixed |
| SUSE Linux Enterprise High Performance Computing 15 SP7 | Fixed |
| SUSE Linux Enterprise High Performance Computing 15 SP7 | Fixed |
| SUSE Linux Enterprise Live Patching 15 SP7 | Fixed |
| SUSE Linux Enterprise Live Patching 15 SP7 | Fixed |
| SUSE Linux Enterprise Micro 5.2 | Fixed |
| SUSE Linux Enterprise Micro 5.2 | Fixed |
| SUSE Linux Enterprise Micro 5.2 | Fixed |
| SUSE Linux Enterprise Micro 5.2 | Fixed |
| SUSE Linux Enterprise Micro 5.3 | Fixed |
| SUSE Linux Enterprise Micro 5.3 | Fixed |
| SUSE Linux Enterprise Micro 5.3 | Fixed |
| SUSE Linux Enterprise Micro 5.3 | Fixed |
| SUSE Linux Enterprise Micro 5.4 | Fixed |
| SUSE Linux Enterprise Micro 5.4 | Fixed |
| SUSE Linux Enterprise Micro 5.4 | Fixed |
| SUSE Linux Enterprise Micro 5.4 | Fixed |
| SUSE Linux Enterprise Micro 5.5 | Fixed |
| SUSE Linux Enterprise Micro 5.5 | Fixed |
| SUSE Linux Enterprise Micro 5.5 | Fixed |
| SUSE Linux Enterprise Module for Basesystem 15 SP7 | Fixed |
| SUSE Linux Enterprise Module for Basesystem 15 SP7 | Fixed |
| SUSE Linux Enterprise Module for Development Tools 15 SP7 | Fixed |
| SUSE Linux Enterprise Module for Development Tools 15 SP7 | Fixed |
| SUSE Linux Enterprise Module for Legacy 15 SP7 | Fixed |
| SUSE Linux Enterprise Module for Legacy 15 SP7 | Fixed |
| SUSE Linux Enterprise Module for Public Cloud 15 SP7 | Fixed |
| SUSE Linux Enterprise Real Time 15 SP7 | Fixed |
| SUSE Linux Enterprise Server 15 SP7 | Fixed |
| SUSE Linux Enterprise Server 15 SP7 | Fixed |
| SUSE Linux Enterprise Server 15 SP7 | Fixed |
| SUSE Linux Enterprise Server 16.0 | Fixed |
| SUSE Linux Enterprise Server 16.0 | Fixed |
| SUSE Linux Enterprise Server 16.0 | Fixed |
| SUSE Linux Enterprise Server for SAP Applications 15 SP7 | Fixed |
| SUSE Linux Enterprise Server for SAP Applications 15 SP7 | Fixed |
| SUSE Linux Enterprise Server for SAP Applications 15 SP7 | Fixed |
| SUSE Linux Enterprise Server for SAP applications 16.0 | Fixed |
| SUSE Linux Enterprise Server for SAP applications 16.0 | Fixed |
| SUSE Linux Enterprise Server for SAP applications 16.0 | Fixed |
| SUSE Linux Enterprise Workstation Extension 15 SP7 | Fixed |
| SUSE Linux Enterprise Workstation Extension 15 SP7 | Fixed |
| SUSE Linux Micro 6.0 | Fixed |
| SUSE Linux Micro 6.0 | Fixed |
| SUSE Linux Micro 6.0 | Fixed |
| SUSE Linux Micro 6.1 | Fixed |
| SUSE Linux Micro 6.1 | Fixed |
| SUSE Linux Micro 6.1 | Fixed |
| SUSE Linux Micro 6.2 | Fixed |
| SUSE Real Time Module 15 SP7 | Fixed |
| openSUSE Leap 15.6 | Fixed |
| openSUSE Leap 15.6 | Fixed |
| openSUSE Leap 15.6 | Fixed |
| openSUSE Leap 15.6 | Fixed |
| SUSE Linux Enterprise High Performance Computing 15 SP4 | Fixed |
| SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS | Fixed |
| SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS | Fixed |
| SUSE Linux Enterprise High Performance Computing 15 SP5 | Fixed |
| SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS | Fixed |
| SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS | Fixed |
| SUSE Linux Enterprise Live Patching 12 SP5 | Fixed |
| SUSE Linux Enterprise Live Patching 12 SP5 | Fixed |
| SUSE Linux Enterprise Live Patching 15 SP4 | Fixed |
| SUSE Linux Enterprise Live Patching 15 SP4 | Fixed |
| SUSE Linux Enterprise Live Patching 15 SP5 | Fixed |
| SUSE Linux Enterprise Live Patching 15 SP5 | Fixed |
| SUSE Linux Enterprise Module for Basesystem 15 SP4 | Fixed |
| SUSE Linux Enterprise Module for Basesystem 15 SP5 | Fixed |
| SUSE Linux Enterprise Module for Basesystem 15 SP6 | Fixed |
| SUSE Linux Enterprise Module for Development Tools 15 SP4 | Fixed |
| SUSE Linux Enterprise Module for Development Tools 15 SP5 | Fixed |
| SUSE Linux Enterprise Module for Development Tools 15 SP6 | Fixed |
| SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE | Fixed |
| SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE | Fixed |
| SUSE Linux Enterprise Server 12 SP5 | Fixed |
| SUSE Linux Enterprise Server 12 SP5-LTSS | Fixed |
| SUSE Linux Enterprise Server 12 SP5-LTSS | Fixed |
| SUSE Linux Enterprise Server 12 SP5-LTSS Extended Security | Fixed |
| SUSE Linux Enterprise Server 12 SP5-LTSS Extended Security | Fixed |
| SUSE Linux Enterprise Server 15 SP4 | Fixed |
| SUSE Linux Enterprise Server 15 SP4-LTSS | Fixed |
| SUSE Linux Enterprise Server 15 SP4-LTSS | Fixed |
| SUSE Linux Enterprise Server 15 SP5 | Fixed |
| SUSE Linux Enterprise Server 15 SP5-LTSS | Fixed |
| SUSE Linux Enterprise Server 15 SP5-LTSS | Fixed |
| SUSE Linux Enterprise Server 15 SP6 | Fixed |
| SUSE Linux Enterprise Server 15 SP6 | Fixed |
| SUSE Linux Enterprise Server 15 SP6-LTSS | Fixed |
| SUSE Linux Enterprise Server 15 SP6-LTSS | Fixed |
| SUSE Linux Enterprise Server LTSS Extended Security 12 SP5 | Fixed |
| SUSE Linux Enterprise Server for SAP Applications 15 SP6 | Fixed |
| SUSE Linux Enterprise Server for SAP Applications 15 SP6 | Fixed |
| SUSE Linux Enterprise Server for SAP Applications 15 SP6 | Fixed |
| SUSE Manager Proxy 4.3 | Fixed |
| SUSE Manager Proxy LTS 4.3 | Fixed |
| SUSE Manager Retail Branch Server 4.3 | Fixed |
| SUSE Manager Retail Branch Server LTS 4.3 | Fixed |
| SUSE Manager Server 4.3 | Fixed |
| SUSE Manager Server LTS 4.3 | Fixed |
| SUSE CaaS Platform 4.0 | Fixed |
| SUSE Enterprise Storage 6 | Fixed |
| SUSE Enterprise Storage 7 | Fixed |
| SUSE Enterprise Storage 7.1 | Fixed |
| SUSE Linux Enterprise Desktop 11 SP4 | Fixed |
| SUSE Linux Enterprise Desktop 12 SP2 | Fixed |
| SUSE Linux Enterprise Desktop 12 SP4 | Fixed |
| SUSE Linux Enterprise Desktop 15 SP1 | Fixed |
| SUSE Linux Enterprise Desktop 15 SP2 | Fixed |
| SUSE Linux Enterprise Desktop 15 SP3 | Fixed |
| SUSE Linux Enterprise Desktop 15 SP4 | Fixed |
| SUSE Linux Enterprise Desktop 15 SP5 | Fixed |
| SUSE Linux Enterprise Desktop 15 SP6 | Fixed |
| SUSE Linux Enterprise High Performance Computing 15 SP1 | Fixed |
| SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS | Fixed |
| SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS | Fixed |
| SUSE Linux Enterprise High Performance Computing 15 SP2 | Fixed |
| SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS | Fixed |
| SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS | Fixed |
| SUSE Linux Enterprise High Performance Computing 15 SP3 | Fixed |
| SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS | Fixed |
| SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS | Fixed |
| SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS | Fixed |
| SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS | Fixed |
| SUSE Linux Enterprise High Performance Computing 15 SP6 | Fixed |
| SUSE Linux Enterprise High Performance Computing 15 SP6 | Fixed |
| SUSE Linux Enterprise Micro 5.0 | Fixed |
| SUSE Linux Enterprise Micro 5.1 | Fixed |
| SUSE Linux Enterprise Micro 5.1 | Fixed |
| SUSE Linux Enterprise Micro 5.1 | Fixed |
| SUSE Linux Enterprise Module for Basesystem 15 SP1 | Fixed |
| SUSE Linux Enterprise Module for Basesystem 15 SP2 | Fixed |
| SUSE Linux Enterprise Module for Basesystem 15 SP3 | Fixed |
| SUSE Linux Enterprise Module for Development Tools 15 SP1 | Fixed |
| SUSE Linux Enterprise Module for Development Tools 15 SP2 | Fixed |
| SUSE Linux Enterprise Module for Development Tools 15 SP3 | Fixed |
| SUSE Linux Enterprise Module for Public Cloud 15 SP6 | Fixed |
| SUSE Linux Enterprise Point of Sale 12 SP2-CLIENT | Fixed |
| SUSE Linux Enterprise Real Time 15 SP2 | Fixed |
| SUSE Linux Enterprise Real Time 15 SP3 | Fixed |
| SUSE Linux Enterprise Real Time 15 SP3 | Fixed |
| SUSE Linux Enterprise Real Time 15 SP4 | Fixed |
| SUSE Linux Enterprise Real Time 15 SP4 | Fixed |
| SUSE Linux Enterprise Real Time 15 SP5 | Fixed |
| SUSE Linux Enterprise Real Time 15 SP6 | Fixed |
| SUSE Linux Enterprise Server 11 SP4 | Fixed |
| SUSE Linux Enterprise Server 11 SP4-LTSS | Fixed |
| SUSE Linux Enterprise Server 12 SP2 | Fixed |
| SUSE Linux Enterprise Server 12 SP2-BCL | Fixed |
| SUSE Linux Enterprise Server 12 SP2-ESPOS | Fixed |
| SUSE Linux Enterprise Server 12 SP2-LTSS | Fixed |
| SUSE Linux Enterprise Server 12 SP2-LTSS | Fixed |
| SUSE Linux Enterprise Server 12 SP4 | Fixed |
| SUSE Linux Enterprise Server 12 SP4-ESPOS | Fixed |
| SUSE Linux Enterprise Server 12 SP4-LTSS | Fixed |
| SUSE Linux Enterprise Server 12 SP4-LTSS | Fixed |
| SUSE Linux Enterprise Server 15 SP1 | Fixed |
| SUSE Linux Enterprise Server 15 SP1-BCL | Fixed |
| SUSE Linux Enterprise Server 15 SP1-LTSS | Fixed |
| SUSE Linux Enterprise Server 15 SP1-LTSS | Fixed |
| SUSE Linux Enterprise Server 15 SP2 | Fixed |
| SUSE Linux Enterprise Server 15 SP2-BCL | Fixed |
| SUSE Linux Enterprise Server 15 SP2-LTSS | Fixed |
| SUSE Linux Enterprise Server 15 SP2-LTSS | Fixed |
| SUSE Linux Enterprise Server 15 SP3 | Fixed |
| SUSE Linux Enterprise Server 15 SP3-BCL | Fixed |
| SUSE Linux Enterprise Server 15 SP3-LTSS | Fixed |
| SUSE Linux Enterprise Server 15 SP3-LTSS | Fixed |
| SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 | Fixed |
| SUSE Linux Enterprise Server for SAP Applications 12 SP2 | Fixed |
| SUSE Linux Enterprise Server for SAP Applications 12 SP4 | Fixed |
| SUSE Linux Enterprise Server for SAP Applications 15 SP1 | Fixed |
| SUSE Linux Enterprise Server for SAP Applications 15 SP2 | Fixed |
| SUSE Linux Enterprise Server for SAP Applications 15 SP3 | Fixed |
| SUSE Linux Enterprise Server for SAP Applications 15 SP4 | Fixed |
| SUSE Linux Enterprise Server for SAP Applications 15 SP4 | Fixed |
| SUSE Linux Enterprise Server for SAP Applications 15 SP5 | Fixed |
| SUSE Linux Enterprise Server for SAP Applications 15 SP5 | Fixed |
| SUSE Manager Proxy 4.0 | Fixed |
| SUSE Manager Proxy 4.1 | Fixed |
| SUSE Manager Proxy 4.2 | Fixed |
| SUSE Manager Retail Branch Server 4.0 | Fixed |
| SUSE Manager Retail Branch Server 4.1 | Fixed |
| SUSE Manager Retail Branch Server 4.2 | Fixed |
| SUSE Manager Server 4.0 | Fixed |
| SUSE Manager Server 4.1 | Fixed |
| SUSE Manager Server 4.2 | Fixed |
| SUSE OpenStack Cloud 7 | Fixed |
| SUSE OpenStack Cloud 9 | Fixed |
| SUSE OpenStack Cloud Crowbar 9 | Fixed |
| SUSE Real Time Module 15 SP3 | Fixed |
| SUSE Real Time Module 15 SP4 | Fixed |
| SUSE Real Time Module 15 SP5 | Fixed |
| SUSE Real Time Module 15 SP6 | Fixed |
| openSUSE Leap 15.3 | Fixed |
| openSUSE Leap 15.3 | Fixed |
| openSUSE Leap 15.4 | Fixed |
| openSUSE Leap 15.4 | Fixed |
| openSUSE Leap 15.5 | Fixed |
| openSUSE Leap 15.5 | Fixed |
Share
External POC / Exploit Code
Leaving vuln.today