CVE-2025-40025

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.17.0-rc1-syzkaller-00211-g90d970cade8e

Description The Linux kernel's f2fs filesystem contained a flaw where a non-inode dnode could have the same footer information as an inode. This could lead to an incorrect block address count being calculated within the f2fs truncate hole() function, potentially triggering a kernel panic. The issue stemmed from a lack of proper sanity checks on node footers for non-inode dnodes. The fix introduces a new node type, NODE TYPE NON INODE, and enhances the sanity check node footer() function to detect this corruption. The issue was discovered by syzbot during fuzzing.

Recommendations Update to Linux kernel version 6.17.0-rc1-syzkaller-00211-g90d970cade8e or a later version that includes the fix.