CVE-2025-39842
Published: Sep 19, 2025
Modified: May 12, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: ocfs2: prevent release journal inode after journal shutdown Before calling ocfs2_delete_osb(), ocfs2_journal_shutdown() has already been executed in ocfs2_dismount_volume(), so osb->journal must be NULL. Therefore, the following calltrace will inevitably fail when it reaches jbd2_journal_release_jbd_inode(). ocfs2_dismount_volume()-> ocfs2_delete_osb()-> ocfs2_free_slot_info()-> __ocfs2_free_slot_info()-> evict()-> ocfs2_evict_inode()-> ocfs2_clear_inode()-> jbd2_journal_release_jbd_inode(osb->journal->j_journal, Adding osb->journal checks will prevent null-ptr-deref during the above execution path.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected da5e7c87827e8caa6a1eeec6d95dcf74ab592a01 - < 42c415c53ad2065088cc411d08925effa5b3d255affected da5e7c87827e8caa6a1eeec6d95dcf74ab592a01 - < e9188f66e94955431ddbe2cd1cdf8ff2bb486abfaffected da5e7c87827e8caa6a1eeec6d95dcf74ab592a01 - < f4a917e6cd6c798f7adf39907f117fc754db1283affected da5e7c87827e8caa6a1eeec6d95dcf74ab592a01 - < 85e66331b60601d903cceaf8c10a234db863cd78affected da5e7c87827e8caa6a1eeec6d95dcf74ab592a01 - < f46e8ef8bb7b452584f2e75337b619ac51a7cadf |
Linux | Linux | affected 5.16unaffected 0 - < 5.16unaffected 6.1.151 - <= 6.1.*unaffected 6.6.105 - <= 6.6.*unaffected 6.12.46 - <= 6.12.*+2 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now