CVE-2025-68796

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> f2fs: fix to avoid updating zero-sized extent in extent cache<br /> <br /> As syzbot reported:<br /> <br /> F2FS-fs (loop0): __update_extent_tree_range: extent len is zero, type: 0, extent [0, 0, 0], age [0, 0]<br /> ------------[ cut here ]------------<br /> kernel BUG at fs/f2fs/extent_cache.c:678!<br /> Oops: invalid opcode: 0000 [#1] SMP KASAN NOPTI<br /> CPU: 0 UID: 0 PID: 5336 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full)<br /> Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014<br /> RIP: 0010:__update_extent_tree_range+0x13bc/0x1500 fs/f2fs/extent_cache.c:678<br /> Call Trace:<br /> <br /> f2fs_update_read_extent_cache_range+0x192/0x3e0 fs/f2fs/extent_cache.c:1085<br /> f2fs_do_zero_range fs/f2fs/file.c:1657 [inline]<br /> f2fs_zero_range+0x10c1/0x1580 fs/f2fs/file.c:1737<br /> f2fs_fallocate+0x583/0x990 fs/f2fs/file.c:2030<br /> vfs_fallocate+0x669/0x7e0 fs/open.c:342<br /> ioctl_preallocate fs/ioctl.c:289 [inline]<br /> file_ioctl+0x611/0x780 fs/ioctl.c:-1<br /> do_vfs_ioctl+0xb33/0x1430 fs/ioctl.c:576<br /> __do_sys_ioctl fs/ioctl.c:595 [inline]<br /> __se_sys_ioctl+0x82/0x170 fs/ioctl.c:583<br /> do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]<br /> do_syscall_64+0xfa/0x3b0 arch/x86/entry/syscall_64.c:94<br /> entry_SYSCALL_64_after_hwframe+0x77/0x7f<br /> RIP: 0033:0x7f07bc58eec9<br /> <br /> In error path of f2fs_zero_range(), it may add a zero-sized extent<br /> into extent cache, it should be avoided.