[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2025-40025":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T14:53:31.930Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":14,"duplicates":29,"related":30,"reserved_at":9,"published_at":33,"modified_at":34,"state":35,"summary":36,"references_raw":40,"kevs":51,"epss":52,"epss_history":55,"metrics":323,"affected":324},"CVE-2025-40025","In the Linux kernel, the following vulnerability has been resolved:\n\nf2fs: fix to do sanity check on node footer for non inode dnode\n\nAs syzbot reported below:\n\n------------[ cut here ]------------\nkernel BUG at fs/f2fs/file.c:1243!\nOops: invalid opcode: 0000 [#1] SMP KASAN NOPTI\nCPU: 0 UID: 0 PID: 5354 Comm: syz.0.0 Not tainted 6.17.0-rc1-syzkaller-00211-g90d970cade8e #0 PREEMPT(full)\nRIP: 0010:f2fs_truncate_hole+0x69e/0x6c0 fs/f2fs/file.c:1243\nCall Trace:\n \u003CTASK>\n f2fs_punch_hole+0x2db/0x330 fs/f2fs/file.c:1306\n f2fs_fallocate+0x546/0x990 fs/f2fs/file.c:2018\n vfs_fallocate+0x666/0x7e0 fs/open.c:342\n ksys_fallocate fs/open.c:366 [inline]\n __do_sys_fallocate fs/open.c:371 [inline]\n __se_sys_fallocate fs/open.c:369 [inline]\n __x64_sys_fallocate+0xc0/0x110 fs/open.c:369\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xfa/0x3b0 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7f1e65f8ebe9\n\nw/ a fuzzed image, f2fs may encounter panic due to it detects inconsistent\ntruncation range in direct node in f2fs_truncate_hole().\n\nThe root cause is: a non-inode dnode may has the same footer.ino and\nfooter.nid, so the dnode will be parsed as an inode, then ADDRS_PER_PAGE()\nmay return wrong blkaddr count which may be 923 typically, by chance,\ndn.ofs_in_node is equal to 923, then count can be calculated to 0 in below\nstatement, later it will trigger panic w/ f2fs_bug_on(, count == 0 || ...).\n\n\tcount = min(end_offset - dn.ofs_in_node, pg_end - pg_start);\n\nThis patch introduces a new node_type NODE_TYPE_NON_INODE, then allowing\npassing the new_type to sanity_check_node_footer in f2fs_get_node_folio()\nto detect corruption that a non-inode dnode has the same footer.ino and\nfooter.nid.\n\nScripts to reproduce:\nmkfs.f2fs -f /dev/vdb\nmount /dev/vdb /mnt/f2fs\ntouch /mnt/f2fs/foo\ntouch /mnt/f2fs/bar\ndd if=/dev/zero of=/mnt/f2fs/foo bs=1M count=8\numount /mnt/f2fs\ninject.f2fs --node --mb i_nid --nid 4 --idx 0 --val 5 /dev/vdb\nmount /dev/vdb /mnt/f2fs\nxfs_io /mnt/f2fs/foo -c \"fpunch 6984k 4k\"",null,[],[],[],[],[15,17,19,21,23,25,27],{"_key":16},"OPENSUSE-SU-2026:10301-1",{"_key":18},"OPENSUSE-SU-2025:15702-1",{"_key":20},"USN-7906-3",{"_key":22},"DEBIAN-CVE-2025-40025",{"_key":24},"UBUNTU-CVE-2025-40025",{"_key":26},"USN-7906-1",{"_key":28},"USN-7906-2",[],[31,32],{"_key":16},{"_key":18},"2025-10-28T09:32:31.806Z","2026-05-11T21:41:01.603Z","Deferred",{"cisa_kev":37,"cisa_ransomware":37,"cisa_vendor":9,"epss_severity":38,"epss_score":39,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":35},false,"low",0.00027,[41,47],{"url":42,"sources":43,"tags":46},"https://git.kernel.org/stable/c/186098f34b8a5d65eb828f952c8cc56272c60ea0",[44,45],"cve.org","nvd",[],{"url":48,"sources":49,"tags":50},"https://git.kernel.org/stable/c/c18ecd99e0c707ef8f83cace861cbc3162f4fdf1",[44,45],[],[],{"date":53,"score":39,"percentile":54},"2026-06-04",0.08057,[56,60,63,66,69,72,75,78,81,84,87,90,93,96,99,102,105,108,111,114,116,119,122,125,128,131,135,138,141,144,147,150,153,156,159,161,164,167,170,173,176,179,182,185,188,191,194,197,200,203,206,209,212,214,217,220,223,226,229,232,235,238,241,244,247,250,253,256,259,262,265,268,271,274,277,280,283,286,289,292,295,298,300,303,306,309,312,315,318,321],{"date":57,"score":58,"percentile":59},"2025-11-04",0.00024,0.05223,{"date":61,"score":58,"percentile":62},"2025-11-05",0.05226,{"date":64,"score":58,"percentile":65},"2025-11-06",0.05341,{"date":67,"score":58,"percentile":68},"2025-11-07",0.05352,{"date":70,"score":58,"percentile":71},"2025-11-08",0.05344,{"date":73,"score":58,"percentile":74},"2025-11-09",0.05345,{"date":76,"score":58,"percentile":77},"2025-11-10",0.0532,{"date":79,"score":58,"percentile":80},"2025-11-11",0.05349,{"date":82,"score":58,"percentile":83},"2025-11-12",0.05362,{"date":85,"score":58,"percentile":86},"2025-11-13",0.05378,{"date":88,"score":58,"percentile":89},"2025-11-14",0.05416,{"date":91,"score":58,"percentile":92},"2025-11-15",0.05443,{"date":94,"score":58,"percentile":95},"2025-11-16",0.05452,{"date":97,"score":58,"percentile":98},"2025-11-17",0.05447,{"date":100,"score":58,"percentile":101},"2025-11-18",0.03246,{"date":103,"score":58,"percentile":104},"2025-11-19",0.03296,{"date":106,"score":58,"percentile":107},"2025-11-20",0.03363,{"date":109,"score":58,"percentile":110},"2025-11-21",0.05505,{"date":112,"score":58,"percentile":113},"2025-11-22",0.05474,{"date":115,"score":58,"percentile":95},"2025-11-23",{"date":117,"score":58,"percentile":118},"2025-11-24",0.05431,{"date":120,"score":58,"percentile":121},"2025-11-25",0.05435,{"date":123,"score":58,"percentile":124},"2025-11-26",0.05462,{"date":126,"score":58,"percentile":127},"2025-11-27",0.05479,{"date":129,"score":58,"percentile":130},"2025-11-28",0.05459,{"date":132,"score":133,"percentile":134},"2025-11-29",0.00026,0.06306,{"date":136,"score":133,"percentile":137},"2025-11-30",0.063,{"date":139,"score":133,"percentile":140},"2025-12-01",0.06365,{"date":142,"score":133,"percentile":143},"2025-12-02",0.06379,{"date":145,"score":133,"percentile":146},"2025-12-03",0.06391,{"date":148,"score":133,"percentile":149},"2025-12-04",0.06361,{"date":151,"score":133,"percentile":152},"2025-12-05",0.06412,{"date":154,"score":133,"percentile":155},"2025-12-06",0.0642,{"date":157,"score":133,"percentile":158},"2025-12-07",0.06426,{"date":160,"score":133,"percentile":152},"2025-12-08",{"date":162,"score":133,"percentile":163},"2025-12-09",0.06469,{"date":165,"score":133,"percentile":166},"2025-12-10",0.06541,{"date":168,"score":133,"percentile":169},"2025-12-11",0.06535,{"date":171,"score":133,"percentile":172},"2025-12-12",0.06553,{"date":174,"score":133,"percentile":175},"2025-12-13",0.06584,{"date":177,"score":133,"percentile":178},"2025-12-14",0.06558,{"date":180,"score":133,"percentile":181},"2025-12-15",0.06529,{"date":183,"score":133,"percentile":184},"2025-12-16",0.0655,{"date":186,"score":133,"percentile":187},"2025-12-17",0.06638,{"date":189,"score":133,"percentile":190},"2025-12-18",0.06698,{"date":192,"score":133,"percentile":193},"2025-12-19",0.06687,{"date":195,"score":133,"percentile":196},"2025-12-20",0.06681,{"date":198,"score":133,"percentile":199},"2025-12-21",0.06671,{"date":201,"score":133,"percentile":202},"2025-12-22",0.06625,{"date":204,"score":133,"percentile":205},"2025-12-23",0.0662,{"date":207,"score":133,"percentile":208},"2025-12-24",0.06651,{"date":210,"score":133,"percentile":211},"2025-12-25",0.06714,{"date":213,"score":133,"percentile":211},"2025-12-26",{"date":215,"score":133,"percentile":216},"2025-12-27",0.06727,{"date":218,"score":133,"percentile":219},"2025-12-28",0.06711,{"date":221,"score":133,"percentile":222},"2025-12-29",0.06692,{"date":224,"score":133,"percentile":225},"2025-12-30",0.06674,{"date":227,"score":133,"percentile":228},"2025-12-31",0.06721,{"date":230,"score":133,"percentile":231},"2026-01-01",0.06785,{"date":233,"score":133,"percentile":234},"2026-01-02",0.06776,{"date":236,"score":133,"percentile":237},"2026-01-03",0.06766,{"date":239,"score":39,"percentile":240},"2026-01-04",0.07177,{"date":242,"score":39,"percentile":243},"2026-01-05",0.07127,{"date":245,"score":39,"percentile":246},"2026-01-06",0.0712,{"date":248,"score":39,"percentile":249},"2026-01-07",0.07144,{"date":251,"score":39,"percentile":252},"2026-01-08",0.07203,{"date":254,"score":39,"percentile":255},"2026-01-09",0.07218,{"date":257,"score":39,"percentile":258},"2026-01-10",0.07247,{"date":260,"score":39,"percentile":261},"2026-01-11",0.07233,{"date":263,"score":39,"percentile":264},"2026-01-12",0.07204,{"date":266,"score":39,"percentile":267},"2026-01-13",0.0719,{"date":269,"score":39,"percentile":270},"2026-01-14",0.07234,{"date":272,"score":39,"percentile":273},"2026-01-15",0.07241,{"date":275,"score":39,"percentile":276},"2026-01-16",0.07256,{"date":278,"score":39,"percentile":279},"2026-01-17",0.07265,{"date":281,"score":39,"percentile":282},"2026-01-18",0.07239,{"date":284,"score":39,"percentile":285},"2026-01-19",0.07207,{"date":287,"score":39,"percentile":288},"2026-01-20",0.07173,{"date":290,"score":39,"percentile":291},"2026-01-21",0.07165,{"date":293,"score":39,"percentile":294},"2026-01-22",0.07143,{"date":296,"score":39,"percentile":297},"2026-01-23",0.07201,{"date":299,"score":39,"percentile":276},"2026-01-24",{"date":301,"score":39,"percentile":302},"2026-01-25",0.07242,{"date":304,"score":39,"percentile":305},"2026-01-26",0.07226,{"date":307,"score":39,"percentile":308},"2026-01-27",0.0721,{"date":310,"score":39,"percentile":311},"2026-01-28",0.07188,{"date":313,"score":39,"percentile":314},"2026-01-29",0.07181,{"date":316,"score":39,"percentile":317},"2026-01-30",0.07193,{"date":319,"score":39,"percentile":320},"2026-01-31",0.07216,{"date":322,"score":39,"percentile":258},"2026-02-01",[],[325],{"ecosystem":9,"name":326,"vendor":327,"product":327,"cpe_part":328,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":329},"Linux","linux","a",[330,337,340],{"version":331,"is_range":332,"range_type":44,"version_start":333,"version_start_type":334,"version_end":335,"version_end_type":336,"fixed_in":9},">= 98e4da8ca301e062d79ae168c67e56f3c3de3ce4, \u003C 186098f34b8a5d65eb828f952c8cc56272c60ea0",true,"98e4da8ca301e062d79ae168c67e56f3c3de3ce4","including","186098f34b8a5d65eb828f952c8cc56272c60ea0","excluding",{"version":338,"is_range":332,"range_type":44,"version_start":333,"version_start_type":334,"version_end":339,"version_end_type":336,"fixed_in":9},">= 98e4da8ca301e062d79ae168c67e56f3c3de3ce4, \u003C c18ecd99e0c707ef8f83cace861cbc3162f4fdf1","c18ecd99e0c707ef8f83cace861cbc3162f4fdf1",{"version":341,"is_range":37,"range_type":44,"version_start":341,"version_start_type":334,"version_end":341,"version_end_type":334,"fixed_in":9},"3.8"]