Volerion logoVolerion
Volerion logoVolerion

Linux Kernel F2FS Memory Leak Vulnerability in Rename Function

Vulnerability

A memory leak vulnerability has been identified in the Linux kernel's F2FS (Flash-Friendly File System) implementation. This issue arises in the 'f2fs_rename' function, where a call to 'f2fs_setup_filename' was added without a corresponding 'f2fs_free_filename' call, leading to unreferenced allocated memory. The vulnerability affects the F2FS file system in the Linux kernel.

Impact

Exploitation of this vulnerability leads to a memory leak, where allocated memory is not properly released, potentially causing increased memory usage and degradation of system performance over time.

Reproduction

The vulnerability can be reproduced by renaming files within a directory on an F2FS file system. The 'f2fs_rename' function will be called, which includes the memory leak issue. This can be observed using the 'syzbot' tool, which reported the memory leak as an unreferenced object.

Remediation

The vulnerability has been fixed in the Linux kernel. Users should upgrade to the latest version where this issue has been addressed.

Added: May 1, 2026, 2:27 PM
Updated: May 1, 2026, 2:27 PM

Vulnerability Rating

Custom Algorithm
spread
9.0
impact
0.6
exploitability
3.9
remediation
7.7
relevance
7.2
threat
4.8
urgency
2.9
incentive
0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.