{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-30T13:16:15.745","vulnerabilities":[{"cve":{"id":"CVE-2025-38164","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2025-07-03T09:15:31.863","lastModified":"2026-03-25T11:16:10.470","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nf2fs: zone: fix to avoid inconsistence in between SIT and SSA\n\nw/ below testcase, it will cause inconsistence in between SIT and SSA.\n\ncreate_null_blk 512 2 1024 1024\nmkfs.f2fs -m /dev/nullb0\nmount /dev/nullb0 /mnt/f2fs/\ntouch /mnt/f2fs/file\nf2fs_io pinfile set /mnt/f2fs/file\nfallocate -l 4GiB /mnt/f2fs/file\n\nF2FS-fs (nullb0): Inconsistent segment (0) type [1, 0] in SSA and SIT\nCPU: 5 UID: 0 PID: 2398 Comm: fallocate Tainted: G           O       6.13.0-rc1 #84\nTainted: [O]=OOT_MODULE\nHardware name: innotek GmbH VirtualBox/VirtualBox, BIOS VirtualBox 12/01/2006\nCall Trace:\n <TASK>\n dump_stack_lvl+0xb3/0xd0\n dump_stack+0x14/0x20\n f2fs_handle_critical_error+0x18c/0x220 [f2fs]\n f2fs_stop_checkpoint+0x38/0x50 [f2fs]\n do_garbage_collect+0x674/0x6e0 [f2fs]\n f2fs_gc_range+0x12b/0x230 [f2fs]\n f2fs_allocate_pinning_section+0x5c/0x150 [f2fs]\n f2fs_expand_inode_data+0x1cc/0x3c0 [f2fs]\n f2fs_fallocate+0x3c3/0x410 [f2fs]\n vfs_fallocate+0x15f/0x4b0\n __x64_sys_fallocate+0x4a/0x80\n x64_sys_call+0x15e8/0x1b80\n do_syscall_64+0x68/0x130\n entry_SYSCALL_64_after_hwframe+0x67/0x6f\nRIP: 0033:0x7f9dba5197ca\nF2FS-fs (nullb0): Stopped filesystem due to reason: 4\n\nThe reason is f2fs_gc_range() may try to migrate block in curseg, however,\nits SSA block is not uptodate due to the last summary block data is still\nin cache of curseg.\n\nIn this patch, we add a condition in f2fs_gc_range() to check whether\nsection is opened or not, and skip block migration for opened section."},{"lang":"es","value":"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: f2fs: zona: corrección para evitar inconsistencia entre SIT y SSA con el siguiente caso de prueba, provocará inconsistencia entre SIT y SSA. create_null_blk 512 2 1024 1024 mkfs.f2fs -m /dev/nullb0 mount /dev/nullb0 /mnt/f2fs/ touch /mnt/f2fs/file f2fs_io pinfile set /mnt/f2fs/file fallocate -l 4GiB /mnt/f2fs/file F2FS-fs (nullb0): Segmento inconsistente (0) tipo [1, 0] en SSA y SIT CPU: 5 UID: 0 PID: 2398 Comm: fallocate Contaminado: GO 6.13.0-rc1 #84 Contaminado: [O]=OOT_MODULE Nombre del hardware: innotek GmbH VirtualBox/VirtualBox, BIOS VirtualBox 12/01/2006 Rastreo de llamadas  dump_stack_lvl+0xb3/0xd0 dump_stack+0x14/0x20 f2fs_handle_critical_error+0x18c/0x220 [f2fs] f2fs_stop_checkpoint+0x38/0x50 [f2fs] do_garbage_collect+0x674/0x6e0 [f2fs] f2fs_gc_range+0x12b/0x230 [f2fs] f2fs_allocate_pinning_section+0x5c/0x150 [f2fs] f2fs_expand_inode_data+0x1cc/0x3c0 [f2fs] f2fs_fallocate+0x3c3/0x410 [f2fs] vfs_fallocate+0x15f/0x4b0 __x64_sys_fallocate+0x4a/0x80 x64_sys_call+0x15e8/0x1b80 do_syscall_64+0x68/0x130 entry_SYSCALL_64_after_hwframe+0x67/0x6f RIP: 0033:0x7f9dba5197ca F2FS-fs (nullb0): Sistema de archivos detenido por el motivo: 4. El motivo es que f2fs_gc_range() podría intentar migrar un bloque en curseg; sin embargo, su bloque SSA no está actualizado debido a que los últimos datos del bloque de resumen aún se encuentran en la caché de curseg. En este parche, añadimos una condición en f2fs_gc_range() para comprobar si la sección está abierta y omitir la migración del bloque en la sección abierta."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.6.33","versionEndExcluding":"6.7","matchCriteriaId":"DABC3520-445B-4314-9ECC-75F9E79161E4"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.9","versionEndExcluding":"6.12.34","matchCriteriaId":"A373E395-B1B2-445B-8784-2A89BF879AD5"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.15.3","matchCriteriaId":"0541C761-BD5E-4C1A-8432-83B375D7EB92"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/44a51592ac657d8e422585414d7ec17a5b50fb0e","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/773704c1ef96a8b70d0d186ab725f50548de82c4","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/8d9431b0d11a5030aa1ce477defee455b3821701","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/d1365d2abfaf2d85ee51a005da3ca373aea97f6a","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67"}]}}]}