CVE-2025-40233

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The extent map cache in the Linux kernel’s OCFS2 file system can become outdated when extents are moved or defragmented. This occurs because the cache is not invalidated after these operations, leading to stale extent flags being read. Specifically, a mismatch arises when write operations read cached flags that differ from the updated flags on disk, triggering a kernel BUG ON error within the ocfs2 refcount cal cow clusters() function. The issue is initiated by copy file range() creating a reflinked extent, followed by an ioctl(FITRIM) call that triggers ocfs2 move extents(). The ocfs2 move extents range() function reads and caches the extent, and subsequent operations on the moved or defragmented extent can then lead to the error. The fix involves clearing the extent map cache after each extent move or defrag operation within the ocfs2 move extents range() function to ensure subsequent operations read fresh extent data from disk.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.