CVE-2025-40333 - Vulnerability Details - OpenCVE

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix infinite loop in __insert_extent_tree() When we get wrong extent info data, and look up extent_node in rb tree, it will cause infinite loop (CONFIG_F2FS_CHECK_FS=n). Avoiding this by return NULL and print some kernel messages in that case.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Linux	Linux Kernel

No data.

No data.

References

Link	Providers
https://git.kernel.org/stable/c/23361bd54966b437e1ed3eb1a704572f4b279e58
https://git.kernel.org/stable/c/765f8816d3959ef1f3f7f85e2af748594d091f40
https://git.kernel.org/stable/c/c0b9951bb2668d67eb4817bb23fc109abc08c075
https://git.kernel.org/stable/c/f4c31adcb2a0556f43776d4e51a67de88d7fb9ee

History

Tue, 09 Dec 2025 04:30:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: f2fs: fix infinite loop in __insert_extent_tree() When we get wrong extent info data, and look up extent_node in rb tree, it will cause infinite loop (CONFIG_F2FS_CHECK_FS=n). Avoiding this by return NULL and print some kernel messages in that case.
Title		f2fs: fix infinite loop in __insert_extent_tree()
First Time appeared		Linux Linux linux Kernel
CPEs		cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products		Linux Linux linux Kernel
References		https://git.kernel.org/stable/c/23361bd54966b437e1ed3eb1a704572f4b279e58 https://git.kernel.org/stable/c/765f8816d3959ef1f3f7f85e2af748594d091f40 https://git.kernel.org/stable/c/c0b9951bb2668d67eb4817bb23fc109abc08c075 https://git.kernel.org/stable/c/f4c31adcb2a0556f43776d4e51a67de88d7fb9ee

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2025-12-09T04:09:50.051Z

Updated: 2025-12-09T04:09:50.051Z

Reserved: 2025-04-16T07:20:57.186Z

Link: CVE-2025-40333

Vulnrichment

No data.

NVD

Status : Awaiting Analysis

Published: 2025-12-09T16:17:43.493

Modified: 2025-12-09T18:36:53.557

Link: CVE-2025-40333

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-40333", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2025-04-16T07:20:57.186Z", "datePublished": "2025-12-09T04:09:50.051Z", "dateUpdated": "2025-12-09T04:09:50.051Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-12-09T04:09:50.051Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nf2fs: fix infinite loop in __insert_extent_tree()\n\nWhen we get wrong extent info data, and look up extent_node in rb tree,\nit will cause infinite loop (CONFIG_F2FS_CHECK_FS=n). Avoiding this by\nreturn NULL and print some kernel messages in that case."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["fs/f2fs/extent_cache.c"], "versions": [{"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "765f8816d3959ef1f3f7f85e2af748594d091f40", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "c0b9951bb2668d67eb4817bb23fc109abc08c075", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "f4c31adcb2a0556f43776d4e51a67de88d7fb9ee", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "23361bd54966b437e1ed3eb1a704572f4b279e58", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["fs/f2fs/extent_cache.c"], "versions": [{"version": "6.6.117", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.12.58", "lessThanOrEqual": "6.12.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.17.8", "lessThanOrEqual": "6.17.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.18", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "6.6.117"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "6.12.58"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "6.17.8"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "6.18"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/765f8816d3959ef1f3f7f85e2af748594d091f40"}, {"url": "https://git.kernel.org/stable/c/c0b9951bb2668d67eb4817bb23fc109abc08c075"}, {"url": "https://git.kernel.org/stable/c/f4c31adcb2a0556f43776d4e51a67de88d7fb9ee"}, {"url": "https://git.kernel.org/stable/c/23361bd54966b437e1ed3eb1a704572f4b279e58"}], "title": "f2fs: fix infinite loop in __insert_extent_tree()", "x_generator": {"engine": "bippy-1.2.0"}}}}