Linux Kernel Data Donation Vulnerability in Read Collection Subsystem Causes Data Corruption and Crash

Vulnerability

A vulnerability in the Linux kernel's read collection subsystem of the netfs file system has been addressed. This issue arose when multiple subrequests donated data to the same 'next' request, based on the order of subrequest completion. Each subrequest would overwrite the 'prev_donated' field, leading to data corruption and a BUG() crash, with the error message 'Can't donate prior to front'.

Impact

Exploitation of this vulnerability could lead to data corruption and a system crash.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.0

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.0

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel Data Donation Vulnerability in Read Collection Subsystem Causes Data Corruption and Crash

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating