vulnerability

Ubuntu: (Multiple Advisories) (CVE-2025-37925): Linux kernel vulnerabilities

Try Surface Command
Back to search
Severity
5
CVSS
(AV:L/AC:L/Au:S/C:N/I:N/A:C)
Published
Apr 18, 2025
Added
Jun 26, 2025
Modified
Feb 13, 2026

Description

In the Linux kernel, the following vulnerability has been resolved:

jfs: reject on-disk inodes of an unsupported type

Syzbot has reported the following BUG:

kernel BUG at fs/inode.c:668!
Oops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN PTI
CPU: 3 UID: 0 PID: 139 Comm: jfsCommit Not tainted 6.12.0-rc4-syzkaller-00085-g4e46774408d9 #0
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-3.fc41 04/01/2014
RIP: 0010:clear_inode+0x168/0x190
Code: 4c 89 f7 e8 ba fe e5 ff e9 61 ff ff ff 44 89 f1 80 e1 07 80 c1 03 38 c1 7c c1 4c 89 f7 e8 90 ff e5 ff eb b7
0b e8 01 5d 7f ff 90 0f 0b e8 f9 5c 7f ff 90 0f 0b e8 f1 5c 7f
RSP: 0018:ffffc900027dfae8 EFLAGS: 00010093
RAX: ffffffff82157a87 RBX: 0000000000000001 RCX: ffff888104d4b980
RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
RBP: ffffc900027dfc90 R08: ffffffff82157977 R09: fffff520004fbf38
R10: dffffc0000000000 R11: fffff520004fbf38 R12: dffffc0000000000
R13: ffff88811315bc00 R14: ffff88811315bda8 R15: ffff88811315bb80
FS: 0000000000000000(0000) GS:ffff888135f00000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00005565222e0578 CR3: 0000000026ef0000 CR4: 00000000000006f0
Call Trace:
<TASK>
? __die_body+0x5f/0xb0
? die+0x9e/0xc0
? do_trap+0x15a/0x3a0
? clear_inode+0x168/0x190
? do_error_trap+0x1dc/0x2c0
? clear_inode+0x168/0x190
? __pfx_do_error_trap+0x10/0x10
? report_bug+0x3cd/0x500
? handle_invalid_op+0x34/0x40
? clear_inode+0x168/0x190
? exc_invalid_op+0x38/0x50
? asm_exc_invalid_op+0x1a/0x20
? clear_inode+0x57/0x190
? clear_inode+0x167/0x190
? clear_inode+0x168/0x190
? clear_inode+0x167/0x190
jfs_evict_inode+0xb5/0x440
? __pfx_jfs_evict_inode+0x10/0x10
evict+0x4ea/0x9b0
? __pfx_evict+0x10/0x10
? iput+0x713/0xa50
txUpdateMap+0x931/0xb10
? __pfx_txUpdateMap+0x10/0x10
jfs_lazycommit+0x49a/0xb80
? _raw_spin_unlock_irqrestore+0x8f/0x140
? lockdep_hardirqs_on+0x99/0x150
? __pfx_jfs_lazycommit+0x10/0x10
? __pfx_default_wake_function+0x10/0x10
? __kthread_parkme+0x169/0x1d0
? __pfx_jfs_lazycommit+0x10/0x10
kthread+0x2f2/0x390
? __pfx_jfs_lazycommit+0x10/0x10
? __pfx_kthread+0x10/0x10
ret_from_fork+0x4d/0x80
? __pfx_kthread+0x10/0x10
ret_from_fork_asm+0x1a/0x30
</TASK>

This happens when 'clear_inode()' makes an attempt to finalize an underlying
JFS inode of unknown type. According to JFS layout description from
https://jfs.sourceforge.net/project/pub/jfslayout.pdf, inode types from 5 to
15 are reserved for future extensions and should not be encountered on a valid
filesystem. So add an extra check for valid inode type in 'copy_from_dinode()'.

Solutions

ubuntu-upgrade-linux-image-5-15-0-1038-nvidia-tegra-igxubuntu-upgrade-linux-image-5-15-0-1038-nvidia-tegra-igx-rtubuntu-upgrade-linux-image-5-15-0-1049-nvidia-tegraubuntu-upgrade-linux-image-5-15-0-1049-nvidia-tegra-rtubuntu-upgrade-linux-image-5-15-0-1061-xilinx-zynqmpubuntu-upgrade-linux-image-5-15-0-1080-gkeopubuntu-upgrade-linux-image-5-15-0-1089-intel-iot-realtimeubuntu-upgrade-linux-image-5-15-0-1089-kvmubuntu-upgrade-linux-image-5-15-0-1091-ibmubuntu-upgrade-linux-image-5-15-0-1091-raspiubuntu-upgrade-linux-image-5-15-0-1092-intel-iotgubuntu-upgrade-linux-image-5-15-0-1092-nvidiaubuntu-upgrade-linux-image-5-15-0-1092-nvidia-lowlatencyubuntu-upgrade-linux-image-5-15-0-1093-gkeubuntu-upgrade-linux-image-5-15-0-1094-oracleubuntu-upgrade-linux-image-5-15-0-1096-realtimeubuntu-upgrade-linux-image-5-15-0-1097-awsubuntu-upgrade-linux-image-5-15-0-1097-aws-64kubuntu-upgrade-linux-image-5-15-0-1097-aws-fipsubuntu-upgrade-linux-image-5-15-0-1097-gcpubuntu-upgrade-linux-image-5-15-0-1097-gcp-fipsubuntu-upgrade-linux-image-5-15-0-1101-azureubuntu-upgrade-linux-image-5-15-0-1101-azure-fipsubuntu-upgrade-linux-image-5-15-0-1102-azureubuntu-upgrade-linux-image-5-15-0-163-fipsubuntu-upgrade-linux-image-5-15-0-163-genericubuntu-upgrade-linux-image-5-15-0-163-generic-64kubuntu-upgrade-linux-image-5-15-0-163-generic-lpaeubuntu-upgrade-linux-image-5-15-0-163-lowlatencyubuntu-upgrade-linux-image-5-15-0-163-lowlatency-64kubuntu-upgrade-linux-image-6-14-0-1004-realtimeubuntu-upgrade-linux-image-6-14-0-1007-awsubuntu-upgrade-linux-image-6-14-0-1007-aws-64kubuntu-upgrade-linux-image-6-14-0-1007-azureubuntu-upgrade-linux-image-6-14-0-1007-azure-fdeubuntu-upgrade-linux-image-6-14-0-1007-oracleubuntu-upgrade-linux-image-6-14-0-1007-oracle-64kubuntu-upgrade-linux-image-6-14-0-1007-raspiubuntu-upgrade-linux-image-6-14-0-1008-gcpubuntu-upgrade-linux-image-6-14-0-1008-gcp-64kubuntu-upgrade-linux-image-6-14-0-22-genericubuntu-upgrade-linux-image-6-14-0-22-generic-64kubuntu-upgrade-linux-image-6-8-0-100-genericubuntu-upgrade-linux-image-6-8-0-100-generic-64kubuntu-upgrade-linux-image-6-8-0-1047-gcpubuntu-upgrade-linux-image-6-8-0-1047-gcp-64kubuntu-upgrade-linux-image-6-8-0-1047-raspiubuntu-upgrade-linux-image-6-8-1-1041-realtimeubuntu-upgrade-linux-image-awsubuntu-upgrade-linux-image-aws-5-15ubuntu-upgrade-linux-image-aws-64kubuntu-upgrade-linux-image-aws-64k-5-15ubuntu-upgrade-linux-image-aws-64k-lts-22-04ubuntu-upgrade-linux-image-aws-fipsubuntu-upgrade-linux-image-aws-fips-5-15ubuntu-upgrade-linux-image-aws-lts-22-04ubuntu-upgrade-linux-image-azureubuntu-upgrade-linux-image-azure-5-15ubuntu-upgrade-linux-image-azure-cvmubuntu-upgrade-linux-image-azure-fdeubuntu-upgrade-linux-image-azure-fipsubuntu-upgrade-linux-image-azure-fips-5-15ubuntu-upgrade-linux-image-azure-lts-22-04ubuntu-upgrade-linux-image-fipsubuntu-upgrade-linux-image-fips-5-15ubuntu-upgrade-linux-image-gcpubuntu-upgrade-linux-image-gcp-5-15ubuntu-upgrade-linux-image-gcp-6-8ubuntu-upgrade-linux-image-gcp-64kubuntu-upgrade-linux-image-gcp-64k-6-8ubuntu-upgrade-linux-image-gcp-fipsubuntu-upgrade-linux-image-gcp-fips-5-15ubuntu-upgrade-linux-image-gcp-lts-22-04ubuntu-upgrade-linux-image-genericubuntu-upgrade-linux-image-generic-5-15ubuntu-upgrade-linux-image-generic-6-8ubuntu-upgrade-linux-image-generic-64kubuntu-upgrade-linux-image-generic-64k-5-15ubuntu-upgrade-linux-image-generic-64k-6-8ubuntu-upgrade-linux-image-generic-64k-hwe-20-04ubuntu-upgrade-linux-image-generic-hwe-20-04ubuntu-upgrade-linux-image-generic-lpaeubuntu-upgrade-linux-image-generic-lpae-5-15ubuntu-upgrade-linux-image-generic-lpae-hwe-20-04ubuntu-upgrade-linux-image-gkeubuntu-upgrade-linux-image-gke-5-15ubuntu-upgrade-linux-image-gkeopubuntu-upgrade-linux-image-gkeop-5-15ubuntu-upgrade-linux-image-ibmubuntu-upgrade-linux-image-ibm-5-15ubuntu-upgrade-linux-image-intelubuntu-upgrade-linux-image-intel-iot-realtimeubuntu-upgrade-linux-image-intel-iot-realtime-5-15ubuntu-upgrade-linux-image-intel-iotgubuntu-upgrade-linux-image-intel-iotg-5-15ubuntu-upgrade-linux-image-kvmubuntu-upgrade-linux-image-kvm-5-15ubuntu-upgrade-linux-image-lowlatencyubuntu-upgrade-linux-image-lowlatency-5-15ubuntu-upgrade-linux-image-lowlatency-64kubuntu-upgrade-linux-image-lowlatency-64k-5-15ubuntu-upgrade-linux-image-lowlatency-64k-hwe-20-04ubuntu-upgrade-linux-image-lowlatency-hwe-20-04ubuntu-upgrade-linux-image-nvidiaubuntu-upgrade-linux-image-nvidia-5-15ubuntu-upgrade-linux-image-nvidia-lowlatencyubuntu-upgrade-linux-image-nvidia-lowlatency-5-15ubuntu-upgrade-linux-image-nvidia-tegraubuntu-upgrade-linux-image-nvidia-tegra-5-15ubuntu-upgrade-linux-image-nvidia-tegra-igxubuntu-upgrade-linux-image-nvidia-tegra-igx-5-15ubuntu-upgrade-linux-image-nvidia-tegra-igx-rtubuntu-upgrade-linux-image-nvidia-tegra-igx-rt-5-15ubuntu-upgrade-linux-image-nvidia-tegra-rtubuntu-upgrade-linux-image-nvidia-tegra-rt-5-15ubuntu-upgrade-linux-image-oem-20-04ubuntu-upgrade-linux-image-oem-20-04bubuntu-upgrade-linux-image-oem-20-04cubuntu-upgrade-linux-image-oem-20-04dubuntu-upgrade-linux-image-oracleubuntu-upgrade-linux-image-oracle-5-15ubuntu-upgrade-linux-image-oracle-64kubuntu-upgrade-linux-image-oracle-lts-22-04ubuntu-upgrade-linux-image-raspiubuntu-upgrade-linux-image-raspi-5-15ubuntu-upgrade-linux-image-raspi-6-8ubuntu-upgrade-linux-image-raspi-nolpaeubuntu-upgrade-linux-image-realtimeubuntu-upgrade-linux-image-realtime-5-15ubuntu-upgrade-linux-image-realtime-6-8-1ubuntu-upgrade-linux-image-realtime-hwe-22-04ubuntu-upgrade-linux-image-virtualubuntu-upgrade-linux-image-virtual-5-15ubuntu-upgrade-linux-image-virtual-6-8ubuntu-upgrade-linux-image-virtual-hwe-20-04ubuntu-upgrade-linux-image-xilinx-zynqmpubuntu-upgrade-linux-image-xilinx-zynqmp-5-15

References

    Title
    NEW

    Explore Exposure Command

    Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

    Try it today