CVE-2025-39868 (GCVE-0-2025-39868)

Vulnerability from cvelistv5 – Published: 2025-09-23 06:00 – Updated: 2026-05-11 21:37
VLAI
Title
erofs: fix runtime warning on truncate_folio_batch_exceptionals()
Summary
In the Linux kernel, the following vulnerability has been resolved: erofs: fix runtime warning on truncate_folio_batch_exceptionals() Commit 0e2f80afcfa6("fs/dax: ensure all pages are idle prior to filesystem unmount") introduced the WARN_ON_ONCE to capture whether the filesystem has removed all DAX entries or not and applied the fix to xfs and ext4. Apply the missed fix on erofs to fix the runtime warning: [ 5.266254] ------------[ cut here ]------------ [ 5.266274] WARNING: CPU: 6 PID: 3109 at mm/truncate.c:89 truncate_folio_batch_exceptionals+0xff/0x260 [ 5.266294] Modules linked in: [ 5.266999] CPU: 6 UID: 0 PID: 3109 Comm: umount Tainted: G S 6.16.0+ #6 PREEMPT(voluntary) [ 5.267012] Tainted: [S]=CPU_OUT_OF_SPEC [ 5.267017] Hardware name: Dell Inc. OptiPlex 5000/05WXFV, BIOS 1.5.1 08/24/2022 [ 5.267024] RIP: 0010:truncate_folio_batch_exceptionals+0xff/0x260 [ 5.267076] Code: 00 00 41 39 df 7f 11 eb 78 83 c3 01 49 83 c4 08 41 39 df 74 6c 48 63 f3 48 83 fe 1f 0f 83 3c 01 00 00 43 f6 44 26 08 01 74 df <0f> 0b 4a 8b 34 22 4c 89 ef 48 89 55 90 e8 ff 54 1f 00 48 8b 55 90 [ 5.267083] RSP: 0018:ffffc900013f36c8 EFLAGS: 00010202 [ 5.267095] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 5.267101] RDX: ffffc900013f3790 RSI: 0000000000000000 RDI: ffff8882a1407898 [ 5.267108] RBP: ffffc900013f3740 R08: 0000000000000000 R09: 0000000000000000 [ 5.267113] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 5.267119] R13: ffff8882a1407ab8 R14: ffffc900013f3888 R15: 0000000000000001 [ 5.267125] FS: 00007aaa8b437800(0000) GS:ffff88850025b000(0000) knlGS:0000000000000000 [ 5.267132] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 5.267138] CR2: 00007aaa8b3aac10 CR3: 000000024f764000 CR4: 0000000000f52ef0 [ 5.267144] PKRU: 55555554 [ 5.267150] Call Trace: [ 5.267154] <TASK> [ 5.267181] truncate_inode_pages_range+0x118/0x5e0 [ 5.267193] ? save_trace+0x54/0x390 [ 5.267296] truncate_inode_pages_final+0x43/0x60 [ 5.267309] evict+0x2a4/0x2c0 [ 5.267339] dispose_list+0x39/0x80 [ 5.267352] evict_inodes+0x150/0x1b0 [ 5.267376] generic_shutdown_super+0x41/0x180 [ 5.267390] kill_block_super+0x1b/0x50 [ 5.267402] erofs_kill_sb+0x81/0x90 [erofs] [ 5.267436] deactivate_locked_super+0x32/0xb0 [ 5.267450] deactivate_super+0x46/0x60 [ 5.267460] cleanup_mnt+0xc3/0x170 [ 5.267475] __cleanup_mnt+0x12/0x20 [ 5.267485] task_work_run+0x5d/0xb0 [ 5.267499] exit_to_user_mode_loop+0x144/0x170 [ 5.267512] do_syscall_64+0x2b9/0x7c0 [ 5.267523] ? __lock_acquire+0x665/0x2ce0 [ 5.267535] ? __lock_acquire+0x665/0x2ce0 [ 5.267560] ? lock_acquire+0xcd/0x300 [ 5.267573] ? find_held_lock+0x31/0x90 [ 5.267582] ? mntput_no_expire+0x97/0x4e0 [ 5.267606] ? mntput_no_expire+0xa1/0x4e0 [ 5.267625] ? mntput+0x24/0x50 [ 5.267634] ? path_put+0x1e/0x30 [ 5.267647] ? do_faccessat+0x120/0x2f0 [ 5.267677] ? do_syscall_64+0x1a2/0x7c0 [ 5.267686] ? from_kgid_munged+0x17/0x30 [ 5.267703] ? from_kuid_munged+0x13/0x30 [ 5.267711] ? __do_sys_getuid+0x3d/0x50 [ 5.267724] ? do_syscall_64+0x1a2/0x7c0 [ 5.267732] ? irqentry_exit+0x77/0xb0 [ 5.267743] ? clear_bhb_loop+0x30/0x80 [ 5.267752] ? clear_bhb_loop+0x30/0x80 [ 5.267765] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 5.267772] RIP: 0033:0x7aaa8b32a9fb [ 5.267781] Code: c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 f3 0f 1e fa 31 f6 e9 05 00 00 00 0f 1f 44 00 00 f3 0f 1e fa b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 05 c3 0f 1f 40 00 48 8b 15 e9 83 0d 00 f7 d8 [ 5.267787] RSP: 002b:00007ffd7c4c9468 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 5.267796] RAX: 0000000000000000 RBX: 00005a61592a8b00 RCX: 00007aaa8b32a9fb [ 5.267802] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00005a61592b2080 [ 5.267806] RBP: 00007ffd7c4c9540 R08: 00007aaa8b403b20 R09: 0000000000000020 [ 5.267812] R10: 0000000000000001 R11: 0000000000000246 R12: 00005a61592a8c00 [ 5.267817] R13: 00000000 ---truncated---
Severity
7.8 (High)
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE
Assigner
References
Impacted products
Vendor Product Version
Linux Linux Affected: bde708f1a65d025c45575bfe1e7bf7bdf7e71e87 , < 91c34cd6ca1bc67ccf2d104834956af56b5893de (git)
Affected: bde708f1a65d025c45575bfe1e7bf7bdf7e71e87 , < 181993bb0d626cf88cc803f4356ce5c5abe86278 (git)
Create a notification for this product.
Linux Linux Affected: 6.15
Unaffected: 0 , < 6.15 (semver)
Unaffected: 6.16.8 , ≤ 6.16.* (semver)
Unaffected: 6.17 , ≤ * (original_commit_for_fix)
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 7.8,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2025-39868",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-01-14T19:24:11.670822Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "description": "CWE-noinfo Not enough information",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-01-14T19:33:11.858Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "fs/erofs/super.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "91c34cd6ca1bc67ccf2d104834956af56b5893de",
              "status": "affected",
              "version": "bde708f1a65d025c45575bfe1e7bf7bdf7e71e87",
              "versionType": "git"
            },
            {
              "lessThan": "181993bb0d626cf88cc803f4356ce5c5abe86278",
              "status": "affected",
              "version": "bde708f1a65d025c45575bfe1e7bf7bdf7e71e87",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "fs/erofs/super.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "6.15"
            },
            {
              "lessThan": "6.15",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.16.*",
              "status": "unaffected",
              "version": "6.16.8",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.17",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.16.8",
                  "versionStartIncluding": "6.15",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.17",
                  "versionStartIncluding": "6.15",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nerofs: fix runtime warning on truncate_folio_batch_exceptionals()\n\nCommit 0e2f80afcfa6(\"fs/dax: ensure all pages are idle prior to\nfilesystem unmount\") introduced the WARN_ON_ONCE to capture whether\nthe filesystem has removed all DAX entries or not and applied the\nfix to xfs and ext4.\n\nApply the missed fix on erofs to fix the runtime warning:\n\n[  5.266254] ------------[ cut here ]------------\n[  5.266274] WARNING: CPU: 6 PID: 3109 at mm/truncate.c:89 truncate_folio_batch_exceptionals+0xff/0x260\n[  5.266294] Modules linked in:\n[  5.266999] CPU: 6 UID: 0 PID: 3109 Comm: umount Tainted: G S                  6.16.0+ #6 PREEMPT(voluntary)\n[  5.267012] Tainted: [S]=CPU_OUT_OF_SPEC\n[  5.267017] Hardware name: Dell Inc. OptiPlex 5000/05WXFV, BIOS 1.5.1 08/24/2022\n[  5.267024] RIP: 0010:truncate_folio_batch_exceptionals+0xff/0x260\n[  5.267076] Code: 00 00 41 39 df 7f 11 eb 78 83 c3 01 49 83 c4 08 41 39 df 74 6c 48 63 f3 48 83 fe 1f 0f 83 3c 01 00 00 43 f6 44 26 08 01 74 df \u003c0f\u003e 0b 4a 8b 34 22 4c 89 ef 48 89 55 90 e8 ff 54 1f 00 48 8b 55 90\n[  5.267083] RSP: 0018:ffffc900013f36c8 EFLAGS: 00010202\n[  5.267095] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000\n[  5.267101] RDX: ffffc900013f3790 RSI: 0000000000000000 RDI: ffff8882a1407898\n[  5.267108] RBP: ffffc900013f3740 R08: 0000000000000000 R09: 0000000000000000\n[  5.267113] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000\n[  5.267119] R13: ffff8882a1407ab8 R14: ffffc900013f3888 R15: 0000000000000001\n[  5.267125] FS:  00007aaa8b437800(0000) GS:ffff88850025b000(0000) knlGS:0000000000000000\n[  5.267132] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[  5.267138] CR2: 00007aaa8b3aac10 CR3: 000000024f764000 CR4: 0000000000f52ef0\n[  5.267144] PKRU: 55555554\n[  5.267150] Call Trace:\n[  5.267154]  \u003cTASK\u003e\n[  5.267181]  truncate_inode_pages_range+0x118/0x5e0\n[  5.267193]  ? save_trace+0x54/0x390\n[  5.267296]  truncate_inode_pages_final+0x43/0x60\n[  5.267309]  evict+0x2a4/0x2c0\n[  5.267339]  dispose_list+0x39/0x80\n[  5.267352]  evict_inodes+0x150/0x1b0\n[  5.267376]  generic_shutdown_super+0x41/0x180\n[  5.267390]  kill_block_super+0x1b/0x50\n[  5.267402]  erofs_kill_sb+0x81/0x90 [erofs]\n[  5.267436]  deactivate_locked_super+0x32/0xb0\n[  5.267450]  deactivate_super+0x46/0x60\n[  5.267460]  cleanup_mnt+0xc3/0x170\n[  5.267475]  __cleanup_mnt+0x12/0x20\n[  5.267485]  task_work_run+0x5d/0xb0\n[  5.267499]  exit_to_user_mode_loop+0x144/0x170\n[  5.267512]  do_syscall_64+0x2b9/0x7c0\n[  5.267523]  ? __lock_acquire+0x665/0x2ce0\n[  5.267535]  ? __lock_acquire+0x665/0x2ce0\n[  5.267560]  ? lock_acquire+0xcd/0x300\n[  5.267573]  ? find_held_lock+0x31/0x90\n[  5.267582]  ? mntput_no_expire+0x97/0x4e0\n[  5.267606]  ? mntput_no_expire+0xa1/0x4e0\n[  5.267625]  ? mntput+0x24/0x50\n[  5.267634]  ? path_put+0x1e/0x30\n[  5.267647]  ? do_faccessat+0x120/0x2f0\n[  5.267677]  ? do_syscall_64+0x1a2/0x7c0\n[  5.267686]  ? from_kgid_munged+0x17/0x30\n[  5.267703]  ? from_kuid_munged+0x13/0x30\n[  5.267711]  ? __do_sys_getuid+0x3d/0x50\n[  5.267724]  ? do_syscall_64+0x1a2/0x7c0\n[  5.267732]  ? irqentry_exit+0x77/0xb0\n[  5.267743]  ? clear_bhb_loop+0x30/0x80\n[  5.267752]  ? clear_bhb_loop+0x30/0x80\n[  5.267765]  entry_SYSCALL_64_after_hwframe+0x76/0x7e\n[  5.267772] RIP: 0033:0x7aaa8b32a9fb\n[  5.267781] Code: c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 f3 0f 1e fa 31 f6 e9 05 00 00 00 0f 1f 44 00 00 f3 0f 1e fa b8 a6 00 00 00 0f 05 \u003c48\u003e 3d 00 f0 ff ff 77 05 c3 0f 1f 40 00 48 8b 15 e9 83 0d 00 f7 d8\n[  5.267787] RSP: 002b:00007ffd7c4c9468 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6\n[  5.267796] RAX: 0000000000000000 RBX: 00005a61592a8b00 RCX: 00007aaa8b32a9fb\n[  5.267802] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00005a61592b2080\n[  5.267806] RBP: 00007ffd7c4c9540 R08: 00007aaa8b403b20 R09: 0000000000000020\n[  5.267812] R10: 0000000000000001 R11: 0000000000000246 R12: 00005a61592a8c00\n[  5.267817] R13: 00000000\n---truncated---"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-11T21:37:58.597Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/91c34cd6ca1bc67ccf2d104834956af56b5893de"
        },
        {
          "url": "https://git.kernel.org/stable/c/181993bb0d626cf88cc803f4356ce5c5abe86278"
        }
      ],
      "title": "erofs: fix runtime warning on truncate_folio_batch_exceptionals()",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2025-39868",
    "datePublished": "2025-09-23T06:00:43.308Z",
    "dateReserved": "2025-04-16T07:20:57.143Z",
    "dateUpdated": "2026-05-11T21:37:58.597Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2025-39868",
      "date": "2026-05-27",
      "epss": "0.00021",
      "percentile": "0.06092"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2025-39868\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2025-09-23T06:15:45.940\",\"lastModified\":\"2026-01-14T20:16:09.690\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nerofs: fix runtime warning on truncate_folio_batch_exceptionals()\\n\\nCommit 0e2f80afcfa6(\\\"fs/dax: ensure all pages are idle prior to\\nfilesystem unmount\\\") introduced the WARN_ON_ONCE to capture whether\\nthe filesystem has removed all DAX entries or not and applied the\\nfix to xfs and ext4.\\n\\nApply the missed fix on erofs to fix the runtime warning:\\n\\n[  5.266254] ------------[ cut here ]------------\\n[  5.266274] WARNING: CPU: 6 PID: 3109 at mm/truncate.c:89 truncate_folio_batch_exceptionals+0xff/0x260\\n[  5.266294] Modules linked in:\\n[  5.266999] CPU: 6 UID: 0 PID: 3109 Comm: umount Tainted: G S                  6.16.0+ #6 PREEMPT(voluntary)\\n[  5.267012] Tainted: [S]=CPU_OUT_OF_SPEC\\n[  5.267017] Hardware name: Dell Inc. OptiPlex 5000/05WXFV, BIOS 1.5.1 08/24/2022\\n[  5.267024] RIP: 0010:truncate_folio_batch_exceptionals+0xff/0x260\\n[  5.267076] Code: 00 00 41 39 df 7f 11 eb 78 83 c3 01 49 83 c4 08 41 39 df 74 6c 48 63 f3 48 83 fe 1f 0f 83 3c 01 00 00 43 f6 44 26 08 01 74 df \u003c0f\u003e 0b 4a 8b 34 22 4c 89 ef 48 89 55 90 e8 ff 54 1f 00 48 8b 55 90\\n[  5.267083] RSP: 0018:ffffc900013f36c8 EFLAGS: 00010202\\n[  5.267095] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000\\n[  5.267101] RDX: ffffc900013f3790 RSI: 0000000000000000 RDI: ffff8882a1407898\\n[  5.267108] RBP: ffffc900013f3740 R08: 0000000000000000 R09: 0000000000000000\\n[  5.267113] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000\\n[  5.267119] R13: ffff8882a1407ab8 R14: ffffc900013f3888 R15: 0000000000000001\\n[  5.267125] FS:  00007aaa8b437800(0000) GS:ffff88850025b000(0000) knlGS:0000000000000000\\n[  5.267132] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\\n[  5.267138] CR2: 00007aaa8b3aac10 CR3: 000000024f764000 CR4: 0000000000f52ef0\\n[  5.267144] PKRU: 55555554\\n[  5.267150] Call Trace:\\n[  5.267154]  \u003cTASK\u003e\\n[  5.267181]  truncate_inode_pages_range+0x118/0x5e0\\n[  5.267193]  ? save_trace+0x54/0x390\\n[  5.267296]  truncate_inode_pages_final+0x43/0x60\\n[  5.267309]  evict+0x2a4/0x2c0\\n[  5.267339]  dispose_list+0x39/0x80\\n[  5.267352]  evict_inodes+0x150/0x1b0\\n[  5.267376]  generic_shutdown_super+0x41/0x180\\n[  5.267390]  kill_block_super+0x1b/0x50\\n[  5.267402]  erofs_kill_sb+0x81/0x90 [erofs]\\n[  5.267436]  deactivate_locked_super+0x32/0xb0\\n[  5.267450]  deactivate_super+0x46/0x60\\n[  5.267460]  cleanup_mnt+0xc3/0x170\\n[  5.267475]  __cleanup_mnt+0x12/0x20\\n[  5.267485]  task_work_run+0x5d/0xb0\\n[  5.267499]  exit_to_user_mode_loop+0x144/0x170\\n[  5.267512]  do_syscall_64+0x2b9/0x7c0\\n[  5.267523]  ? __lock_acquire+0x665/0x2ce0\\n[  5.267535]  ? __lock_acquire+0x665/0x2ce0\\n[  5.267560]  ? lock_acquire+0xcd/0x300\\n[  5.267573]  ? find_held_lock+0x31/0x90\\n[  5.267582]  ? mntput_no_expire+0x97/0x4e0\\n[  5.267606]  ? mntput_no_expire+0xa1/0x4e0\\n[  5.267625]  ? mntput+0x24/0x50\\n[  5.267634]  ? path_put+0x1e/0x30\\n[  5.267647]  ? do_faccessat+0x120/0x2f0\\n[  5.267677]  ? do_syscall_64+0x1a2/0x7c0\\n[  5.267686]  ? from_kgid_munged+0x17/0x30\\n[  5.267703]  ? from_kuid_munged+0x13/0x30\\n[  5.267711]  ? __do_sys_getuid+0x3d/0x50\\n[  5.267724]  ? do_syscall_64+0x1a2/0x7c0\\n[  5.267732]  ? irqentry_exit+0x77/0xb0\\n[  5.267743]  ? clear_bhb_loop+0x30/0x80\\n[  5.267752]  ? clear_bhb_loop+0x30/0x80\\n[  5.267765]  entry_SYSCALL_64_after_hwframe+0x76/0x7e\\n[  5.267772] RIP: 0033:0x7aaa8b32a9fb\\n[  5.267781] Code: c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 f3 0f 1e fa 31 f6 e9 05 00 00 00 0f 1f 44 00 00 f3 0f 1e fa b8 a6 00 00 00 0f 05 \u003c48\u003e 3d 00 f0 ff ff 77 05 c3 0f 1f 40 00 48 8b 15 e9 83 0d 00 f7 d8\\n[  5.267787] RSP: 002b:00007ffd7c4c9468 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6\\n[  5.267796] RAX: 0000000000000000 RBX: 00005a61592a8b00 RCX: 00007aaa8b32a9fb\\n[  5.267802] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00005a61592b2080\\n[  5.267806] RBP: 00007ffd7c4c9540 R08: 00007aaa8b403b20 R09: 0000000000000020\\n[  5.267812] R10: 0000000000000001 R11: 0000000000000246 R12: 00005a61592a8c00\\n[  5.267817] R13: 00000000\\n---truncated---\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.15\",\"versionEndExcluding\":\"6.16.8\",\"matchCriteriaId\":\"4CDBA6F5-ADD5-4E49-89EE-9FA2364F2685\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.17:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"327D22EF-390B-454C-BD31-2ED23C998A1C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.17:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"C730CD9A-D969-4A8E-9522-162AAF7C0EE9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.17:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"39982C4B-716E-4B2F-8196-FA301F47807D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.17:rc4:*:*:*:*:*:*\",\"matchCriteriaId\":\"340BEEA9-D70D-4290-B502-FBB1032353B1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.17:rc5:*:*:*:*:*:*\",\"matchCriteriaId\":\"47E4C5C0-079F-4838-971B-8C503D48FCC2\"}]}]}],\"references\":[{\"url\":\"https://git.kernel.org/stable/c/181993bb0d626cf88cc803f4356ce5c5abe86278\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/91c34cd6ca1bc67ccf2d104834956af56b5893de\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.8, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-39868\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-01-14T19:24:11.670822Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"description\": \"CWE-noinfo Not enough information\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-01-14T19:24:06.662Z\"}}], \"cna\": {\"title\": \"erofs: fix runtime warning on truncate_folio_batch_exceptionals()\", \"affected\": [{\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"bde708f1a65d025c45575bfe1e7bf7bdf7e71e87\", \"lessThan\": \"91c34cd6ca1bc67ccf2d104834956af56b5893de\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"bde708f1a65d025c45575bfe1e7bf7bdf7e71e87\", \"lessThan\": \"181993bb0d626cf88cc803f4356ce5c5abe86278\", \"versionType\": \"git\"}], \"programFiles\": [\"fs/erofs/super.c\"], \"defaultStatus\": \"unaffected\"}, {\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"6.15\"}, {\"status\": \"unaffected\", \"version\": \"0\", \"lessThan\": \"6.15\", \"versionType\": \"semver\"}, {\"status\": \"unaffected\", \"version\": \"6.16.8\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.16.*\"}, {\"status\": \"unaffected\", \"version\": \"6.17\", \"versionType\": \"original_commit_for_fix\", \"lessThanOrEqual\": \"*\"}], \"programFiles\": [\"fs/erofs/super.c\"], \"defaultStatus\": \"affected\"}], \"references\": [{\"url\": \"https://git.kernel.org/stable/c/91c34cd6ca1bc67ccf2d104834956af56b5893de\"}, {\"url\": \"https://git.kernel.org/stable/c/181993bb0d626cf88cc803f4356ce5c5abe86278\"}], \"x_generator\": {\"engine\": \"bippy-1.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"In the Linux kernel, the following vulnerability has been resolved:\\n\\nerofs: fix runtime warning on truncate_folio_batch_exceptionals()\\n\\nCommit 0e2f80afcfa6(\\\"fs/dax: ensure all pages are idle prior to\\nfilesystem unmount\\\") introduced the WARN_ON_ONCE to capture whether\\nthe filesystem has removed all DAX entries or not and applied the\\nfix to xfs and ext4.\\n\\nApply the missed fix on erofs to fix the runtime warning:\\n\\n[  5.266254] ------------[ cut here ]------------\\n[  5.266274] WARNING: CPU: 6 PID: 3109 at mm/truncate.c:89 truncate_folio_batch_exceptionals+0xff/0x260\\n[  5.266294] Modules linked in:\\n[  5.266999] CPU: 6 UID: 0 PID: 3109 Comm: umount Tainted: G S                  6.16.0+ #6 PREEMPT(voluntary)\\n[  5.267012] Tainted: [S]=CPU_OUT_OF_SPEC\\n[  5.267017] Hardware name: Dell Inc. OptiPlex 5000/05WXFV, BIOS 1.5.1 08/24/2022\\n[  5.267024] RIP: 0010:truncate_folio_batch_exceptionals+0xff/0x260\\n[  5.267076] Code: 00 00 41 39 df 7f 11 eb 78 83 c3 01 49 83 c4 08 41 39 df 74 6c 48 63 f3 48 83 fe 1f 0f 83 3c 01 00 00 43 f6 44 26 08 01 74 df \u003c0f\u003e 0b 4a 8b 34 22 4c 89 ef 48 89 55 90 e8 ff 54 1f 00 48 8b 55 90\\n[  5.267083] RSP: 0018:ffffc900013f36c8 EFLAGS: 00010202\\n[  5.267095] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000\\n[  5.267101] RDX: ffffc900013f3790 RSI: 0000000000000000 RDI: ffff8882a1407898\\n[  5.267108] RBP: ffffc900013f3740 R08: 0000000000000000 R09: 0000000000000000\\n[  5.267113] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000\\n[  5.267119] R13: ffff8882a1407ab8 R14: ffffc900013f3888 R15: 0000000000000001\\n[  5.267125] FS:  00007aaa8b437800(0000) GS:ffff88850025b000(0000) knlGS:0000000000000000\\n[  5.267132] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\\n[  5.267138] CR2: 00007aaa8b3aac10 CR3: 000000024f764000 CR4: 0000000000f52ef0\\n[  5.267144] PKRU: 55555554\\n[  5.267150] Call Trace:\\n[  5.267154]  \u003cTASK\u003e\\n[  5.267181]  truncate_inode_pages_range+0x118/0x5e0\\n[  5.267193]  ? save_trace+0x54/0x390\\n[  5.267296]  truncate_inode_pages_final+0x43/0x60\\n[  5.267309]  evict+0x2a4/0x2c0\\n[  5.267339]  dispose_list+0x39/0x80\\n[  5.267352]  evict_inodes+0x150/0x1b0\\n[  5.267376]  generic_shutdown_super+0x41/0x180\\n[  5.267390]  kill_block_super+0x1b/0x50\\n[  5.267402]  erofs_kill_sb+0x81/0x90 [erofs]\\n[  5.267436]  deactivate_locked_super+0x32/0xb0\\n[  5.267450]  deactivate_super+0x46/0x60\\n[  5.267460]  cleanup_mnt+0xc3/0x170\\n[  5.267475]  __cleanup_mnt+0x12/0x20\\n[  5.267485]  task_work_run+0x5d/0xb0\\n[  5.267499]  exit_to_user_mode_loop+0x144/0x170\\n[  5.267512]  do_syscall_64+0x2b9/0x7c0\\n[  5.267523]  ? __lock_acquire+0x665/0x2ce0\\n[  5.267535]  ? __lock_acquire+0x665/0x2ce0\\n[  5.267560]  ? lock_acquire+0xcd/0x300\\n[  5.267573]  ? find_held_lock+0x31/0x90\\n[  5.267582]  ? mntput_no_expire+0x97/0x4e0\\n[  5.267606]  ? mntput_no_expire+0xa1/0x4e0\\n[  5.267625]  ? mntput+0x24/0x50\\n[  5.267634]  ? path_put+0x1e/0x30\\n[  5.267647]  ? do_faccessat+0x120/0x2f0\\n[  5.267677]  ? do_syscall_64+0x1a2/0x7c0\\n[  5.267686]  ? from_kgid_munged+0x17/0x30\\n[  5.267703]  ? from_kuid_munged+0x13/0x30\\n[  5.267711]  ? __do_sys_getuid+0x3d/0x50\\n[  5.267724]  ? do_syscall_64+0x1a2/0x7c0\\n[  5.267732]  ? irqentry_exit+0x77/0xb0\\n[  5.267743]  ? clear_bhb_loop+0x30/0x80\\n[  5.267752]  ? clear_bhb_loop+0x30/0x80\\n[  5.267765]  entry_SYSCALL_64_after_hwframe+0x76/0x7e\\n[  5.267772] RIP: 0033:0x7aaa8b32a9fb\\n[  5.267781] Code: c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 f3 0f 1e fa 31 f6 e9 05 00 00 00 0f 1f 44 00 00 f3 0f 1e fa b8 a6 00 00 00 0f 05 \u003c48\u003e 3d 00 f0 ff ff 77 05 c3 0f 1f 40 00 48 8b 15 e9 83 0d 00 f7 d8\\n[  5.267787] RSP: 002b:00007ffd7c4c9468 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6\\n[  5.267796] RAX: 0000000000000000 RBX: 00005a61592a8b00 RCX: 00007aaa8b32a9fb\\n[  5.267802] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00005a61592b2080\\n[  5.267806] RBP: 00007ffd7c4c9540 R08: 00007aaa8b403b20 R09: 0000000000000020\\n[  5.267812] R10: 0000000000000001 R11: 0000000000000246 R12: 00005a61592a8c00\\n[  5.267817] R13: 00000000\\n---truncated---\"}], \"cpeApplicability\": [{\"nodes\": [{\"negate\": false, \"cpeMatch\": [{\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.16.8\", \"versionStartIncluding\": \"6.15\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.17\", \"versionStartIncluding\": \"6.15\"}], \"operator\": \"OR\"}]}], \"providerMetadata\": {\"orgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"shortName\": \"Linux\", \"dateUpdated\": \"2025-09-29T06:01:23.870Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2025-39868\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-01-14T19:33:11.858Z\", \"dateReserved\": \"2025-04-16T07:20:57.143Z\", \"assignerOrgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"datePublished\": \"2025-09-23T06:00:43.308Z\", \"assignerShortName\": \"Linux\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.