CVE-2025-21699

In the Linux kernel, the following vulnerability has been resolved:

gfs2: Truncate address space when flipping GFS2_DIF_JDATA flag

Truncate an inode's address space when flipping the GFS2_DIF_JDATA flag:
depending on that flag, the pages in the address space will either use
buffer heads or iomap_folio_state structs, and we cannot mix the two.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.5 MEDIUM
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
LinuxCNA
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 2%
VendorProductVersion
linuxlinux_kernel
𝑥
< 5.4.290
linuxlinux_kernel
5.5 ≤
𝑥
< 5.10.234
linuxlinux_kernel
5.11 ≤
𝑥
< 5.15.178
linuxlinux_kernel
5.16 ≤
𝑥
< 6.1.128
linuxlinux_kernel
6.2 ≤
𝑥
< 6.6.75
linuxlinux_kernel
6.7 ≤
𝑥
< 6.12.12
linuxlinux_kernel
6.13
linuxlinux_kernel
6.13:rc1
linuxlinux_kernel
6.13:rc2
linuxlinux_kernel
6.13:rc3
linuxlinux_kernel
6.13:rc4
linuxlinux_kernel
6.13:rc5
linuxlinux_kernel
6.13:rc6
linuxlinux_kernel
6.13:rc7
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
linux
bullseye
vulnerable
bullseye (security)
5.10.234-1
fixed
bookworm
6.1.129-1
fixed
bookworm (security)
6.1.128-1
fixed
trixie
6.12.20-1
fixed
sid
6.12.21-1
fixed
linux-6.1
bullseye (security)
6.1.129-1~deb11u1
fixed
Vulnerability Media Exposure
References
https://git.kernel.org/stable/c/2a40a140e11fec699e128170ccaa98b6b82cb503
https://git.kernel.org/stable/c/2b0bd5051ad1c1e9ef4879f18e15a7712c974f3e
https://git.kernel.org/stable/c/4516febe325342555bb09ca5b396fb816d655821
https://git.kernel.org/stable/c/4dd57d1f0e9844311c635a7fb39abce4f2ac5a61
https://git.kernel.org/stable/c/4e3ded34f3f3c9d7ed2aac7be8cf51153646574a
https://git.kernel.org/stable/c/5bb1fd0855bb0abc7d97e44758d6ffed7882d2d0
https://git.kernel.org/stable/c/7c9d9223802fbed4dee1ae301661bf346964c9d2
https://git.kernel.org/stable/c/8c41abc11aa8438c9ed2d973f97e66674c0355df