PT-2025-17269 · Linux+5 · Linux Kernel+5

Syzbot

·

Published

2025-04-18

·

Updated

2026-04-20

·

CVE-2025-37925

CVSS v3.1

5.5

Medium

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.12.0-rc4
Description A vulnerability has been resolved in the Linux kernel related to the JFS filesystem. The issue occurs when the clear inode() function attempts to finalize an underlying JFS inode of unknown type. According to the JFS layout description, inode types from 5 to 15 are reserved for future extensions and should not be encountered on a valid filesystem. An extra check for valid inode type has been added in copy from dinode() to address this issue.
Recommendations To resolve this issue, update to a version of the Linux kernel that includes the fix for this vulnerability. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

RCE

Weakness Enumeration

CWE-20

Related Identifiers

BDU:2025-15556
CVE-2025-37925
DLA-4328-1
DSA-5975-1
ECHO-C34B-E913-B7A8
OESA-2025-1570
OESA-2025-1571
OESA-2025-1572
OESA-2025-1573
SUSE-SU-2025:01964-1
SUSE-SU-2025:01965-1
SUSE-SU-2025:02000-1
SUSE-SU-2025:02254-1
SUSE-SU-2025:02307-1
SUSE-SU-2025:02333-1
SUSE-SU-2025:02923-1
SUSE-SU-2025:20408-1
SUSE-SU-2025:20413-1
SUSE-SU-2025:20419-1
SUSE-SU-2025:20421-1
SUSE-SU-2025_01964-1
SUSE-SU-2025_01965-1
SUSE-SU-2025_02000-1
SUSE-SU-2025_02254-1
SUSE-SU-2025_02307-1
SUSE-SU-2025_02333-1
USN-7594-1
USN-7594-2
USN-7594-3
USN-7909-1
USN-7909-2
USN-7909-3
USN-7909-4
USN-7909-5
USN-7910-1
USN-7910-2
USN-7933-1
USN-7938-1
USN-8028-1
USN-8028-2
USN-8028-3
USN-8028-4
USN-8028-5
USN-8028-6
USN-8028-7
USN-8028-8
USN-8031-1
USN-8031-2
USN-8031-3
USN-8052-1
USN-8052-2
USN-8074-1
USN-8074-2
USN-8126-1

Affected Products

Debian
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu