CVE-2025-71230

Advisory lineage Upstream: 0 Downstream: 3

Downstream

DEBIAN-CVE-2025-71230 OPENSUSE-SU-2026:10387-1 UBUNTU-CVE-2025-71230

Analyzed

Published: 18 Feb 2026, 14:53

Last modified:11 May 2026, 21:56

Vulnerability Summary

Overall Risk (default)

low

22/100

CVSS Score

5.5 MEDIUM

v3.1 (nvd)

EPSS Score

0.02% LOW

0% probability 0.00%

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

18 Feb 2026, 14:53

Published

Vulnerability first disclosed

11 May 2026, 21:56

Last Modified

Vulnerability information updated

Description

In the Linux kernel, the following vulnerability has been resolved: hfs: ensure sb->s_fs_info is always cleaned up When hfs was converted to the new mount api a bug was introduced by changing the allocation pattern of sb->s_fs_info. If setup_bdev_super() fails after a new superblock has been allocated by sget_fc(), but before hfs_fill_super() takes ownership of the filesystem-specific s_fs_info data it was leaked. Fix this by freeing sb->s_fs_info in hfs_kill_super().

CVSS Metrics

v3.1•MEDIUM•Score: 5.5CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

EPSS Trends

Current EPSS score: 0.02%• Percentile: 5%

Affected Systems

linux•linux
≥ 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2, < 46c1d56ad321fb024761abd9af61a0cb616cf2f6 | ≥ 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2, < 399219831514126bc9541e8eadefe02c6fbd9166 | ≥ ffcd06b6d13b72823aba0d7c871f7e4876e7916b, < 46c1d56ad321fb024761abd9af61a0cb616cf2f6 | ≥ ffcd06b6d13b72823aba0d7c871f7e4876e7916b, < 399219831514126bc9541e8eadefe02c6fbd9166 | ≥ ffcd06b6d13b72823aba0d7c871f7e4876e7916b, < 05ce49a902be15dc93854cbfc20161205a9ee446 | 6.13
linux•linux_kernel
≥ 6.13, < 6.18.11 | ≥ 6.19, < 6.19.1