CVE-2025-39743
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-09-11

Last updated on: 2025-11-03

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: jfs: truncate good inode pages when hard link is 0 The fileset value of the inode copy from the disk by the reproducer is AGGR_RESERVED_I. When executing evict, its hard link number is 0, so its inode pages are not truncated. This causes the bugon to be triggered when executing clear_inode() because nrpages is greater than 0.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-09-11
Last Modified
2025-11-03
Generated
2026-06-16
AI Q&A
2025-09-11
EPSS Evaluated
2026-06-14
NVD
CVE-2025-39743
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
linux kernel 5.10.244-1
linux kernel 6.1.153-1
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability in the Linux kernel's JFS (Journaled File System) involves improper handling of inode pages when the hard link count is zero. Specifically, inode pages are not truncated as they should be when the hard link number reaches zero, leading to a situation where clear_inode() is called with nrpages greater than zero, triggering a bug.

Impact Analysis

The vulnerability can cause unexpected behavior or bugs in the Linux kernel's file system management, potentially leading to system instability or crashes when inode pages are not properly truncated. This could affect system reliability and data integrity.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-39743. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart