CVE-2025-38626

Severity CVSS v4.0: Pending analysis
Type: Unavailable / Other
Publication date: 22/08/2025
Last modified: 26/11/2025

Description

In the Linux kernel, the following vulnerability has been resolved:

f2fs: fix to trigger foreground gc during f2fs_map_blocks() in lfs mode

w/ "mode=lfs" mount option, generic/299 will cause system panic as below:

------------[ cut here ]------------
kernel BUG at fs/f2fs/segment.c:2835!
Call Trace:

f2fs_allocate_data_block+0x6f4/0xc50
f2fs_map_blocks+0x970/0x1550
f2fs_iomap_begin+0xb2/0x1e0
iomap_iter+0x1d6/0x430
__iomap_dio_rw+0x208/0x9a0
f2fs_file_write_iter+0x6b3/0xfa0
aio_write+0x15d/0x2e0
io_submit_one+0x55e/0xab0
__x64_sys_io_submit+0xa5/0x230
do_syscall_64+0x84/0x2f0
entry_SYSCALL_64_after_hwframe+0x76/0x7e
RIP: 0010:new_curseg+0x70f/0x720

The root cause of we run out-of-space is: in f2fs_map_blocks(), f2fs may
trigger foreground gc only if it allocates any physical block, it will be
a little bit later when there is multiple threads writing data w/
aio/dio/bufio method in parallel, since we always use OPU in lfs mode, so
f2fs_map_blocks() does block allocations aggressively.

In order to fix this issue, let's give a chance to trigger foreground
gc in prior to block allocation in f2fs_map_blocks().

Vulnerable products and versions

CPE From Up to
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 4.8 (including) 6.6.102 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 6.7 (including) 6.12.42 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 6.13 (including) 6.15.10 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 6.16 (including) 6.16.1 (excluding)
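
A triage check built from the version table and the "mode=lfs" condition above. This is an added example, not code from the advisory or the kernel project: the function names are hypothetical, and the sample mount table is constructed in /proc/mounts format.

```python
import re

# Affected ranges copied from the table on this page: (from inclusive, up to exclusive).
AFFECTED = [
    ((4, 8, 0), (6, 6, 102)),
    ((6, 7, 0), (6, 12, 42)),
    ((6, 13, 0), (6, 15, 10)),
    ((6, 16, 0), (6, 16, 1)),
]

def parse_release(release):
    """Turn a `uname -r` string such as '6.12.30-amd64' into (6, 12, 30)."""
    m = re.match(r"(\d+)\.(\d+)(?:\.(\d+))?", release)
    if not m:
        raise ValueError(f"unrecognised kernel release: {release!r}")
    return tuple(int(g or 0) for g in m.groups())

def in_affected_range(release):
    """True if the upstream version number falls inside one of the listed ranges."""
    v = parse_release(release)
    return any(lo <= v < hi for lo, hi in AFFECTED)

def lfs_mounts(mounts_text):
    """Return mount points of f2fs filesystems whose options include mode=lfs."""
    hits = []
    for line in mounts_text.splitlines():
        fields = line.split()  # device, mount point, fstype, options, dump, pass
        if len(fields) >= 4 and fields[2] == "f2fs" and "mode=lfs" in fields[3].split(","):
            hits.append(fields[1])
    return hits

def assess(release, mounts_text):
    """Combine both conditions: kernel in range AND at least one lfs-mode f2fs mount."""
    mounts = lfs_mounts(mounts_text)
    in_range = in_affected_range(release)
    return {"kernel_in_range": in_range, "lfs_mounts": mounts,
            "exposed": in_range and bool(mounts)}

# Constructed sample in /proc/mounts format (not taken from a real host).
SAMPLE_MOUNTS = """\
/dev/sda1 / ext4 rw,relatime 0 0
/dev/sdb1 /data f2fs rw,relatime,background_gc=on,mode=lfs,active_logs=6 0 0
/dev/sdc1 /cache f2fs rw,relatime,mode=adaptive 0 0
"""

if __name__ == "__main__":
    for rel in ("6.12.30-amd64", "6.12.42", "6.6.102-lts", "6.16.0"):
        print(rel, assess(rel, SAMPLE_MOUNTS))
```

Distribution kernels often backport fixes without changing the upstream version number, so treat a positive result as a prompt to check the vendor's advisory rather than as proof of exposure.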