PT-2025-27749 · Linux+4 · Linux Kernel+4

Published: 2025-03-25 · Updated: 2026-04-20 · CVE-2025-38164

CVSS v3.1: 5.5 (Medium)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.13.0-rc1
Description: A vulnerability in the Linux kernel has been resolved, which was caused by an inconsistency between SIT and SSA in the f2fs file system. This issue could lead to a crash of the file system when trying to migrate blocks in the current segment. The problem occurred because the SSA block was not up-to-date due to the last summary block data still being in the cache of the current segment. The vulnerability could be triggered by a specific test case involving the creation of a null block device, formatting it with f2fs, and then using the fallocate command to allocate a large file.
Recommendations: For Linux kernel versions prior to 6.13.0-rc1, update to a newer version that includes the fix for this issue. As a temporary workaround, consider avoiding the use of the fallocate command with large files on f2fs file systems until the issue is resolved. Additionally, restricting access to the f2fs file system or disabling the f2fs_gc_range() function may help minimize the risk of exploitation.

Weakness Enumeration: Allocation of Resources Without Limits

Related Identifiers

BDU:2025-11389
CVE-2025-38164
USN-7769-1
USN-7769-2
USN-7769-3
USN-7770-1
USN-7771-1
USN-7789-1
USN-7789-2
USN-8028-1
USN-8028-2
USN-8028-3
USN-8028-4
USN-8028-5
USN-8028-6
USN-8028-7
USN-8028-8
USN-8031-1
USN-8031-2
USN-8031-3
USN-8052-1
USN-8052-2
USN-8074-1
USN-8074-2
USN-8126-1

Affected Products

Astra Linux
Linux Mint
Linux Kernel
RED OS
Ubuntu