Linux Kernel F2FS Uninitialized Memory Access Vulnerability

Vulnerability

A vulnerability in the Linux kernel's F2FS (Flash-Friendly File System) implementation allows for an uninitialized memory access, which can lead to a kernel panic. This issue arises when the file system's segment allocator runs out of free segments, causing a checkpoint error flag to be set. The F2FS write inode function does not properly check this flag before accessing the current segment number, leading to an invalid memory access. The vulnerability has been addressed by introducing checks for the error flag and validating segment numbers before use.

Impact

Exploitation of this vulnerability causes a kernel panic, disrupting system operations by crashing the kernel.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel F2FS Uninitialized Memory Access Vulnerability

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating