CVE-2025-68356

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A flaw exists in the Linux kernel’s gfs2 subsystem related to memory reclaim. The new inode() function returns a new inode with a gfp mask set to GFP HIGHUSER MOVABLE, which includes the GFP FS flag. This allows allocations within that address space to recurse into filesystem memory reclaim, potentially consuming significant stack memory and leading to deadlocks, particularly during filesystem transactions like those involving gfs2 unstuff dinode(). The issue arises because memory reclaim can trigger another transaction, resulting in a deadlock. The fix prevents memory reclaim from recursing into filesystem code by ensuring the gfp mask of inode address spaces does not include GFP FS. The fix is based on a similar solution implemented for XFS.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.