CVE-2025-38627
f2fs: compress: fix UAF of f2fs_inode_info in f2fs_free_dic
References
Notes
carnil> Introduced in bff139b49d9f ("f2fs: handle decompress only post processing in
carnil> softirq"). Vulnerable versions: 6.0.
Bugs
Status
| Branch |
Status |
| upstream |
released (6.17-rc1) [39868685c2a94a70762bc6d77dc81d781d05bff5]
|
| 6.18-upstream-stable |
N/A "Fixed before branching point"
|
| 6.17-upstream-stable |
N/A "Fixed before branching point"
|
| 6.16-upstream-stable |
released (6.16.1) [8fae5b6addd5f6895e03797b56e3c7b9f9cd15c9]
|
| 6.15-upstream-stable |
needed
|
| 6.12-upstream-stable |
needed
|
| 6.6-upstream-stable |
released (6.6.118) [5d604d40cd3232b09cb339941ef958e49283ed0a]
|
| 6.1-upstream-stable |
needed
|
| 5.10-upstream-stable |
N/A "Vulnerable code not present"
|
| sid |
released (6.16.3-1)
|
| 6.12-trixie-security |
needed
|
| 6.1-bookworm-security |
needed
|
| 5.10-bullseye-security |
N/A "Vulnerable code not present"
|
