CVE-2025-68266

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> bfs: Reconstruct file type when loading from disk<br /> <br /> syzbot is reporting that S_IFMT bits of inode-&gt;i_mode can become bogus when<br /> the S_IFMT bits of the 32bits "mode" field loaded from disk are corrupted<br /> or when the 32bits "attributes" field loaded from disk are corrupted.<br /> <br /> A documentation says that BFS uses only lower 9 bits of the "mode" field.<br /> But I can&amp;#39;t find an explicit explanation that the unused upper 23 bits<br /> (especially, the S_IFMT bits) are initialized with 0.<br /> <br /> Therefore, ignore the S_IFMT bits of the "mode" field loaded from disk.<br /> Also, verify that the value of the "attributes" field loaded from disk is<br /> either BFS_VREG or BFS_VDIR (because BFS supports only regular files and<br /> the root directory).