CVE-2025-39791

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions:

Linux kernel (affected versions not specified)

Description:

The Linux kernel contains a flaw within the dm-crypt module related to handling write operations on zoned storage devices. Specifically, the issue arises from the splitting of BIOs (block I/O operations) before they are fully processed by dm-crypt, leading to potential deadlocks and file system data corruption when using XFS or Btrfs. The vulnerability occurs because the splitting of write BIOs can cause incorrect sector information to be returned during zone append operations, and can also lead to deadlocks due to interactions with queue freeze operations. The issue does not affect read operations or regular dm-crypt block devices.

Recommendations:

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Improper Locking

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-667CWE-833

Related Identifiers

BDU:2025-14996

CVE-2025-39791

DSA-6008-1

OPENSUSE-SU-2025:20081-1

SUSE-SU-2025:21074-1

SUSE-SU-2025:21139-1

SUSE-SU-2025:21179-1

Affected Products

Astra Linux

Linux Kernel

Red Os

Suse

CVE-2025-39791

Name of the Vulnerable Software and Affected Versions:

Description:

Recommendations:

Weakness Enumeration

Related Identifiers

Affected Products

References · 1275