CVE-2025-37839

In the Linux kernel, the following vulnerability has been resolved: jbd2: remove wrong sb->s_sequence check Journal emptiness is not determined by sb->s_sequence == 0 but rather by sb->s_start == 0 (which is set a few lines above). Furthermore 0 is a valid transaction ID so the check can spuriously trigger. Remove the invalid WARN_ON.

CVSS

No CVSS.

References

Link	Resource
https://git.kernel.org/stable/c/3b4643ffaf72d7a5a357e9bf68b1775f8cfe7e77
https://git.kernel.org/stable/c/9eaec071f111cd2124ce9a5b93536d3f6837d457
https://git.kernel.org/stable/c/ad926f735b4d4f10768fec7d080cadeb6d075cac
https://git.kernel.org/stable/c/b0cca357f85beb6144ab60c62dcc98508cc044bf
https://git.kernel.org/stable/c/b479839525fe7906966cdc4b5b2afbca048558a1
https://git.kernel.org/stable/c/c88f7328bb0fff66520fc9164f02b1d06e083c1b
https://git.kernel.org/stable/c/c98eb9ffb1d9c98237b5e1668eee17654e129fb0
https://git.kernel.org/stable/c/cf30432f5b3064ff85d85639c2f0106f89c566f6
https://git.kernel.org/stable/c/e6eff39dd0fe4190c6146069cc16d160e71d1148
https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html
https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html

Configurations

No configuration.

History

03 Nov 2025, 20:18

Type	Values Removed	Values Added
References		() https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html - () https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html -

12 May 2025, 17:32

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-05-09 07:16

Updated : 2025-11-03 20:18

NVD link : CVE-2025-37839

Mitre link : CVE-2025-37839

CVE.ORG link : CVE-2025-37839

JSON object : View

Products Affected

No product.

CWE

No CWE.

{"id": "CVE-2025-37839", "cveTags": [], "metrics": {}, "published": "2025-05-09T07:16:04.593", "references": [{"url": "https://git.kernel.org/stable/c/3b4643ffaf72d7a5a357e9bf68b1775f8cfe7e77", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/9eaec071f111cd2124ce9a5b93536d3f6837d457", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/ad926f735b4d4f10768fec7d080cadeb6d075cac", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/b0cca357f85beb6144ab60c62dcc98508cc044bf", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/b479839525fe7906966cdc4b5b2afbca048558a1", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/c88f7328bb0fff66520fc9164f02b1d06e083c1b", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/c98eb9ffb1d9c98237b5e1668eee17654e129fb0", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/cf30432f5b3064ff85d85639c2f0106f89c566f6", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/e6eff39dd0fe4190c6146069cc16d160e71d1148", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Awaiting Analysis", "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\njbd2: remove wrong sb->s_sequence check\n\nJournal emptiness is not determined by sb->s_sequence == 0 but rather by\nsb->s_start == 0 (which is set a few lines above). Furthermore 0 is a\nvalid transaction ID so the check can spuriously trigger. Remove the\ninvalid WARN_ON."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: jbd2: eliminar la comprobaci\u00f3n incorrecta de sb->s_sequence. El vac\u00edo del diario no se determina por sb->s_sequence == 0, sino por sb->s_start == 0 (que se establece unas l\u00edneas m\u00e1s arriba). Adem\u00e1s, 0 es un ID de transacci\u00f3n v\u00e1lido, por lo que la comprobaci\u00f3n puede activarse falsamente. Eliminar el WARN_ON no v\u00e1lido."}], "lastModified": "2025-11-03T20:18:38.053", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}