CVE-2025-71072
Awaiting Analysis Awaiting Analysis - Queue
BaseFortify

Publication date: 2026-01-13

Last updated on: 2026-03-25

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: shmem: fix recovery on rename failures maple_tree insertions can fail if we are seriously short on memory; simple_offset_rename() does not recover well if it runs into that. The same goes for simple_offset_rename_exchange(). Moreover, shmem_whiteout() expects that if it succeeds, the caller will progress to d_move(), i.e. that shmem_rename2() won't fail past the successful call of shmem_whiteout(). Not hard to fix, fortunately - mtree_store() can't fail if the index we are trying to store into is already present in the tree as a singleton. For simple_offset_rename_exchange() that's enough - we just need to be careful about the order of operations. For simple_offset_rename() solution is to preinsert the target into the tree for new_dir; the rest can be done without any potentially failing operations. That preinsertion has to be done in shmem_rename2() rather than in simple_offset_rename() itself - otherwise we'd need to deal with the possibility of failure after successful shmem_whiteout().
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-01-13
Last Modified
2026-03-25
Generated
2026-06-16
AI Q&A
2026-01-14
EPSS Evaluated
2026-06-14
NVD
CVE-2025-71072
EUVD
EUVD-2026-2281
Affected Vendors & Products
Showing 11 associated CPEs
Vendor Product Version / Range
linux linux_kernel 6.6
linux linux_kernel 6.19
linux linux_kernel 6.19
linux linux_kernel 6.19
linux linux_kernel 6.19
linux linux_kernel 6.19
linux linux_kernel From 6.13 (inc) to 6.18.3 (exc)
linux linux_kernel 6.19
linux linux_kernel 6.19
linux linux_kernel 6.19
linux linux_kernel From 6.6.1 (inc) to 6.12.64 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability involves the Linux kernel's shmem subsystem, specifically in how it handles rename operations when memory is critically low. The functions simple_offset_rename() and simple_offset_rename_exchange() do not properly recover from failures during maple_tree insertions caused by low memory. Additionally, shmem_whiteout() assumes that if it succeeds, subsequent operations will also succeed, which is not always the case. The fix involves preinserting the target into the tree to avoid failures after successful shmem_whiteout() calls, ensuring better recovery and stability during rename failures.

Impact Analysis

This vulnerability can cause failures or instability in the Linux kernel's shared memory rename operations under low memory conditions. This could potentially lead to unexpected errors or data handling issues during file renaming in shared memory, possibly affecting system reliability or causing application errors that depend on these operations.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-71072. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart