PT-2026-2501 · Linux+3 · Linux Kernel+3

Published

2025-11-05

·

Updated

2026-05-26

·

CVE-2025-68769

CVSS v2.0

4.6

Medium

VectorAV:L/AC:L/Au:S/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.18.0-rc2+ #721
Description An issue exists in the Linux kernel's F2FS filesystem implementation where an incorrect return value from the f2fs recover fsync data() function can lead to a kernel panic. Specifically, the issue occurs when mounting an image with the ro,norecovery or ro,disable roll forward mount options. The f2fs recover fsync data() function may return a positive error number to vfs get tree(), resulting in a system crash. The provided scripts demonstrate how to trigger this panic. The function f2fs recover fsync data() is involved in the recovery of filesystem sync data.
Recommendations Update to a version newer than 6.18.0-rc2+ #721.

Exploit

Fix

Unchecked Return Value

Weakness Enumeration

CWE-252

Related Identifiers

AZL-74396
BDU:2026-00744
CVE-2025-68769
ECHO-1D57-D65E-B4BF
MGASA-2026-0017
MGASA-2026-0018
USN-8096-1
USN-8096-2
USN-8096-3
USN-8096-4
USN-8096-5
USN-8116-1
USN-8141-1
USN-8163-1
USN-8163-2
USN-8177-1
USN-8177-2
USN-8179-1
USN-8179-2
USN-8179-3
USN-8179-4
USN-8183-1
USN-8183-2
USN-8184-1
USN-8185-1
USN-8185-2
USN-8203-1
USN-8204-1
USN-8243-1
USN-8245-1
USN-8257-1
USN-8258-1
USN-8260-1
USN-8261-1
USN-8265-1

Affected Products

F2Fs
Linuxmint
Linux Kernel
Ubuntu