CVE-2025-40179
Gravedad:
Pendiente de análisis
Tipo:
No Disponible / Otro tipo
Fecha de publicación:
12/11/2025
Última modificación:
12/11/2025
Descripción
*** Pendiente de traducción *** In the Linux kernel, the following vulnerability has been resolved:<br />
<br />
ext4: verify orphan file size is not too big<br />
<br />
In principle orphan file can be arbitrarily large. However orphan replay<br />
needs to traverse it all and we also pin all its buffers in memory. Thus<br />
filesystems with absurdly large orphan files can lead to big amounts of<br />
memory consumed. Limit orphan file size to a sane value and also use<br />
kvmalloc() for allocating array of block descriptor structures to avoid<br />
large order allocations for sane but large orphan files.
Impacto
Referencias a soluciones, herramientas e información
- https://git.kernel.org/stable/c/0a6ce20c156442a4ce2a404747bb0fb05d54eeb3
- https://git.kernel.org/stable/c/2b9da798ff0f4d026c5f0f815047393ebe7d8859
- https://git.kernel.org/stable/c/304fc34ff6fc8261138fd81f119e024ac3a129e9
- https://git.kernel.org/stable/c/566a1d6084563bd07433025aa23bcea4427de107
- https://git.kernel.org/stable/c/95a21611b14ae0a401720645245a8db16f040995
- https://git.kernel.org/stable/c/a2d803fab8a6c6a874277cb80156dc114db91921