{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-39868", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2025-04-16T07:20:57.143Z", "datePublished": "2025-09-23T06:00:43.308Z", "dateUpdated": "2025-09-23T06:00:43.308Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-09-23T06:00:43.308Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nerofs: fix runtime warning on truncate_folio_batch_exceptionals()\n\nCommit 0e2f80afcfa6(\"fs/dax: ensure all pages are idle prior to\nfilesystem unmount\") introduced the WARN_ON_ONCE to capture whether\nthe filesystem has removed all DAX entries or not and applied the\nfix to xfs and ext4.\n\nApply the missed fix on erofs to fix the runtime warning:\n\n[ 5.266254] ------------[ cut here ]------------\n[ 5.266274] WARNING: CPU: 6 PID: 3109 at mm/truncate.c:89 truncate_folio_batch_exceptionals+0xff/0x260\n[ 5.266294] Modules linked in:\n[ 5.266999] CPU: 6 UID: 0 PID: 3109 Comm: umount Tainted: G S 6.16.0+ #6 PREEMPT(voluntary)\n[ 5.267012] Tainted: [S]=CPU_OUT_OF_SPEC\n[ 5.267017] Hardware name: Dell Inc. OptiPlex 5000/05WXFV, BIOS 1.5.1 08/24/2022\n[ 5.267024] RIP: 0010:truncate_folio_batch_exceptionals+0xff/0x260\n[ 5.267076] Code: 00 00 41 39 df 7f 11 eb 78 83 c3 01 49 83 c4 08 41 39 df 74 6c 48 63 f3 48 83 fe 1f 0f 83 3c 01 00 00 43 f6 44 26 08 01 74 df <0f> 0b 4a 8b 34 22 4c 89 ef 48 89 55 90 e8 ff 54 1f 00 48 8b 55 90\n[ 5.267083] RSP: 0018:ffffc900013f36c8 EFLAGS: 00010202\n[ 5.267095] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000\n[ 5.267101] RDX: ffffc900013f3790 RSI: 0000000000000000 RDI: ffff8882a1407898\n[ 5.267108] RBP: ffffc900013f3740 R08: 0000000000000000 R09: 0000000000000000\n[ 5.267113] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000\n[ 5.267119] R13: ffff8882a1407ab8 R14: ffffc900013f3888 R15: 0000000000000001\n[ 5.267125] FS: 00007aaa8b437800(0000) GS:ffff88850025b000(0000) knlGS:0000000000000000\n[ 5.267132] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 5.267138] CR2: 00007aaa8b3aac10 CR3: 000000024f764000 CR4: 0000000000f52ef0\n[ 5.267144] PKRU: 55555554\n[ 5.267150] Call Trace:\n[ 5.267154] <TASK>\n[ 5.267181] truncate_inode_pages_range+0x118/0x5e0\n[ 5.267193] ? save_trace+0x54/0x390\n[ 5.267296] truncate_inode_pages_final+0x43/0x60\n[ 5.267309] evict+0x2a4/0x2c0\n[ 5.267339] dispose_list+0x39/0x80\n[ 5.267352] evict_inodes+0x150/0x1b0\n[ 5.267376] generic_shutdown_super+0x41/0x180\n[ 5.267390] kill_block_super+0x1b/0x50\n[ 5.267402] erofs_kill_sb+0x81/0x90 [erofs]\n[ 5.267436] deactivate_locked_super+0x32/0xb0\n[ 5.267450] deactivate_super+0x46/0x60\n[ 5.267460] cleanup_mnt+0xc3/0x170\n[ 5.267475] __cleanup_mnt+0x12/0x20\n[ 5.267485] task_work_run+0x5d/0xb0\n[ 5.267499] exit_to_user_mode_loop+0x144/0x170\n[ 5.267512] do_syscall_64+0x2b9/0x7c0\n[ 5.267523] ? __lock_acquire+0x665/0x2ce0\n[ 5.267535] ? __lock_acquire+0x665/0x2ce0\n[ 5.267560] ? lock_acquire+0xcd/0x300\n[ 5.267573] ? find_held_lock+0x31/0x90\n[ 5.267582] ? mntput_no_expire+0x97/0x4e0\n[ 5.267606] ? mntput_no_expire+0xa1/0x4e0\n[ 5.267625] ? mntput+0x24/0x50\n[ 5.267634] ? path_put+0x1e/0x30\n[ 5.267647] ? do_faccessat+0x120/0x2f0\n[ 5.267677] ? do_syscall_64+0x1a2/0x7c0\n[ 5.267686] ? from_kgid_munged+0x17/0x30\n[ 5.267703] ? from_kuid_munged+0x13/0x30\n[ 5.267711] ? __do_sys_getuid+0x3d/0x50\n[ 5.267724] ? do_syscall_64+0x1a2/0x7c0\n[ 5.267732] ? irqentry_exit+0x77/0xb0\n[ 5.267743] ? clear_bhb_loop+0x30/0x80\n[ 5.267752] ? clear_bhb_loop+0x30/0x80\n[ 5.267765] entry_SYSCALL_64_after_hwframe+0x76/0x7e\n[ 5.267772] RIP: 0033:0x7aaa8b32a9fb\n[ 5.267781] Code: c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 f3 0f 1e fa 31 f6 e9 05 00 00 00 0f 1f 44 00 00 f3 0f 1e fa b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 05 c3 0f 1f 40 00 48 8b 15 e9 83 0d 00 f7 d8\n[ 5.267787] RSP: 002b:00007ffd7c4c9468 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6\n[ 5.267796] RAX: 0000000000000000 RBX: 00005a61592a8b00 RCX: 00007aaa8b32a9fb\n[ 5.267802] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00005a61592b2080\n[ 5.267806] RBP: 00007ffd7c4c9540 R08: 00007aaa8b403b20 R09: 0000000000000020\n[ 5.267812] R10: 0000000000000001 R11: 0000000000000246 R12: 00005a61592a8c00\n[ 5.267817] R13: 00000000\n---truncated---"}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["fs/erofs/super.c"], "versions": [{"version": "bde708f1a65d025c45575bfe1e7bf7bdf7e71e87", "lessThan": "91c34cd6ca1bc67ccf2d104834956af56b5893de", "status": "affected", "versionType": "git"}, {"version": "bde708f1a65d025c45575bfe1e7bf7bdf7e71e87", "lessThan": "181993bb0d626cf88cc803f4356ce5c5abe86278", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["fs/erofs/super.c"], "versions": [{"version": "6.15", "status": "affected"}, {"version": "0", "lessThan": "6.15", "status": "unaffected", "versionType": "semver"}, {"version": "6.16.8", "lessThanOrEqual": "6.16.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.17-rc6", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.15", "versionEndExcluding": "6.16.8"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.15", "versionEndExcluding": "6.17-rc6"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/91c34cd6ca1bc67ccf2d104834956af56b5893de"}, {"url": "https://git.kernel.org/stable/c/181993bb0d626cf88cc803f4356ce5c5abe86278"}], "title": "erofs: fix runtime warning on truncate_folio_batch_exceptionals()", "x_generator": {"engine": "bippy-1.2.0"}}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nerofs: fix runtime warning on truncate_folio_batch_exceptionals()\n\nCommit 0e2f80afcfa6(\"fs/dax: ensure all pages are idle prior to\nfilesystem unmount\") introduced the WARN_ON_ONCE to capture whether\nthe filesystem has removed all DAX entries or not and applied the\nfix to xfs and ext4.\n\nApply the missed fix on erofs to fix the runtime warning:\n\n[ 5.266254] ------------[ cut here ]------------\n[ 5.266274] WARNING: CPU: 6 PID: 3109 at mm/truncate.c:89 truncate_folio_batch_exceptionals+0xff/0x260\n[ 5.266294] Modules linked in:\n[ 5.266999] CPU: 6 UID: 0 PID: 3109 Comm: umount Tainted: G S 6.16.0+ #6 PREEMPT(voluntary)\n[ 5.267012] Tainted: [S]=CPU_OUT_OF_SPEC\n[ 5.267017] Hardware name: Dell Inc. OptiPlex 5000/05WXFV, BIOS 1.5.1 08/24/2022\n[ 5.267024] RIP: 0010:truncate_folio_batch_exceptionals+0xff/0x260\n[ 5.267076] Code: 00 00 41 39 df 7f 11 eb 78 83 c3 01 49 83 c4 08 41 39 df 74 6c 48 63 f3 48 83 fe 1f 0f 83 3c 01 00 00 43 f6 44 26 08 01 74 df <0f> 0b 4a 8b 34 22 4c 89 ef 48 89 55 90 e8 ff 54 1f 00 48 8b 55 90\n[ 5.267083] RSP: 0018:ffffc900013f36c8 EFLAGS: 00010202\n[ 5.267095] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000\n[ 5.267101] RDX: ffffc900013f3790 RSI: 0000000000000000 RDI: ffff8882a1407898\n[ 5.267108] RBP: ffffc900013f3740 R08: 0000000000000000 R09: 0000000000000000\n[ 5.267113] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000\n[ 5.267119] R13: ffff8882a1407ab8 R14: ffffc900013f3888 R15: 0000000000000001\n[ 5.267125] FS: 00007aaa8b437800(0000) GS:ffff88850025b000(0000) knlGS:0000000000000000\n[ 5.267132] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 5.267138] CR2: 00007aaa8b3aac10 CR3: 000000024f764000 CR4: 0000000000f52ef0\n[ 5.267144] PKRU: 55555554\n[ 5.267150] Call Trace:\n[ 5.267154] <TASK>\n[ 5.267181] truncate_inode_pages_range+0x118/0x5e0\n[ 5.267193] ? save_trace+0x54/0x390\n[ 5.267296] truncate_inode_pages_final+0x43/0x60\n[ 5.267309] evict+0x2a4/0x2c0\n[ 5.267339] dispose_list+0x39/0x80\n[ 5.267352] evict_inodes+0x150/0x1b0\n[ 5.267376] generic_shutdown_super+0x41/0x180\n[ 5.267390] kill_block_super+0x1b/0x50\n[ 5.267402] erofs_kill_sb+0x81/0x90 [erofs]\n[ 5.267436] deactivate_locked_super+0x32/0xb0\n[ 5.267450] deactivate_super+0x46/0x60\n[ 5.267460] cleanup_mnt+0xc3/0x170\n[ 5.267475] __cleanup_mnt+0x12/0x20\n[ 5.267485] task_work_run+0x5d/0xb0\n[ 5.267499] exit_to_user_mode_loop+0x144/0x170\n[ 5.267512] do_syscall_64+0x2b9/0x7c0\n[ 5.267523] ? __lock_acquire+0x665/0x2ce0\n[ 5.267535] ? __lock_acquire+0x665/0x2ce0\n[ 5.267560] ? lock_acquire+0xcd/0x300\n[ 5.267573] ? find_held_lock+0x31/0x90\n[ 5.267582] ? mntput_no_expire+0x97/0x4e0\n[ 5.267606] ? mntput_no_expire+0xa1/0x4e0\n[ 5.267625] ? mntput+0x24/0x50\n[ 5.267634] ? path_put+0x1e/0x30\n[ 5.267647] ? do_faccessat+0x120/0x2f0\n[ 5.267677] ? do_syscall_64+0x1a2/0x7c0\n[ 5.267686] ? from_kgid_munged+0x17/0x30\n[ 5.267703] ? from_kuid_munged+0x13/0x30\n[ 5.267711] ? __do_sys_getuid+0x3d/0x50\n[ 5.267724] ? do_syscall_64+0x1a2/0x7c0\n[ 5.267732] ? irqentry_exit+0x77/0xb0\n[ 5.267743] ? clear_bhb_loop+0x30/0x80\n[ 5.267752] ? clear_bhb_loop+0x30/0x80\n[ 5.267765] entry_SYSCALL_64_after_hwframe+0x76/0x7e\n[ 5.267772] RIP: 0033:0x7aaa8b32a9fb\n[ 5.267781] Code: c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 f3 0f 1e fa 31 f6 e9 05 00 00 00 0f 1f 44 00 00 f3 0f 1e fa b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 05 c3 0f 1f 40 00 48 8b 15 e9 83 0d 00 f7 d8\n[ 5.267787] RSP: 002b:00007ffd7c4c9468 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6\n[ 5.267796] RAX: 0000000000000000 RBX: 00005a61592a8b00 RCX: 00007aaa8b32a9fb\n[ 5.267802] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00005a61592b2080\n[ 5.267806] RBP: 00007ffd7c4c9540 R08: 00007aaa8b403b20 R09: 0000000000000020\n[ 5.267812] R10: 0000000000000001 R11: 0000000000000246 R12: 00005a61592a8c00\n[ 5.267817] R13: 00000000\n---truncated---"}], "id": "CVE-2025-39868", "lastModified": "2025-09-23T06:15:45.940", "metrics": {}, "published": "2025-09-23T06:15:45.940", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/181993bb0d626cf88cc803f4356ce5c5abe86278"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/91c34cd6ca1bc67ccf2d104834956af56b5893de"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Received"}

{}

{"created": "2025-09-23T16:03:09.253988+00:00", "updated": "2025-09-23T16:03:09.254052+00:00", "vendors": ["linux", "linux$PRODUCT$linux_kernel"]}