CVE - CVE-2025-21721

CVE-ID
CVE-2025-21721	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
In the Linux kernel, the following vulnerability has been resolved: nilfs2: handle errors that nilfs_prepare_chunk() may return Patch series "nilfs2: fix issues with rename operations". This series fixes BUG_ON check failures reported by syzbot around rename operations, and a minor behavioral issue where the mtime of a child directory changes when it is renamed instead of moved. This patch (of 2): The directory manipulation routines nilfs_set_link() and nilfs_delete_entry() rewrite the directory entry in the folio/page previously read by nilfs_find_entry(), so error handling is omitted on the assumption that nilfs_prepare_chunk(), which prepares the buffer for rewriting, will always succeed for these. And if an error is returned, it triggers the legacy BUG_ON() checks in each routine. This assumption is wrong, as proven by syzbot: the buffer layer called by nilfs_prepare_chunk() may call nilfs_get_block() if necessary, which may fail due to metadata corruption or other reasons. This has been there all along, but improved sanity checks and error handling may have made it more reproducible in fuzzing tests. Fix this issue by adding missing error paths in nilfs_set_link(), nilfs_delete_entry(), and their caller nilfs_rename().
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MISC:https://git.kernel.org/stable/c/481136234dfe96c7f92770829bec6111c7c5f5dd URL:https://git.kernel.org/stable/c/481136234dfe96c7f92770829bec6111c7c5f5dd MISC:https://git.kernel.org/stable/c/7891ac3b0a5c56f7148af507306308ab841cdc31 URL:https://git.kernel.org/stable/c/7891ac3b0a5c56f7148af507306308ab841cdc31 MISC:https://git.kernel.org/stable/c/eddd3176b8c4c83a46ab974574cda7c3dfe09388 URL:https://git.kernel.org/stable/c/eddd3176b8c4c83a46ab974574cda7c3dfe09388 MISC:https://git.kernel.org/stable/c/ee70999a988b8abc3490609142f50ebaa8344432 URL:https://git.kernel.org/stable/c/ee70999a988b8abc3490609142f50ebaa8344432
Assigning CNA
kernel.org
Date Record Created
20241229	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20241229)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)