PT-2025-44122 · Linux+3 · Linux Kernel+3
Published 2025-09-28 · Updated 2026-04-20 · CVE-2025-40054
CVSS v2.0: 4.6 (Medium)
Vector: AV:L/AC:L/Au:S/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions
Linux kernel versions prior to 6.12.30-android16-5
Description
The Linux kernel contains a use-after-free (UAF) issue in the f2fs_merge_page_bio() function. The flaw arises from a race condition during writeback, specifically when handling encrypted pages: a bounced page belonging to a file input/output (FIO) operation is freed before it is accessed in f2fs_is_cp_guaranteed(), which can lead to a kernel NULL pointer dereference. The issue can be reproduced by running concurrent xfs_io commands with pwrite and fdatasync operations on an encrypted file in an f2fs filesystem.
Recommendations
Update to Linux kernel version 6.12.30-android16-5 or later.
Exploit
Fix
Use After Free
NULL Pointer Dereference
Affected Products
Debian
Linuxmint
Linux Kernel
Ubuntu