github - ghsa-733c-gpw4-q7pf

ghsa-733c-gpw4-q7pf

Vulnerability from github

Published

2025-04-16 12:31

Modified

2025-04-16 12:31

Details

In the Linux kernel, the following vulnerability has been resolved:

bcachefs: bch2_ioctl_subvolume_destroy() fixes

bch2_evict_subvolume_inodes() was getting stuck - due to incorrectly pruning the dcache.

Also, fix missing permissions checks.

Show details on source website

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2025-22019"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-04-16T11:15:42Z",
    "severity": null
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nbcachefs: bch2_ioctl_subvolume_destroy() fixes\n\nbch2_evict_subvolume_inodes() was getting stuck - due to incorrectly\npruning the dcache.\n\nAlso, fix missing permissions checks.",
  "id": "GHSA-733c-gpw4-q7pf",
  "modified": "2025-04-16T12:31:19Z",
  "published": "2025-04-16T12:31:19Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22019"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/558317a5c61045d460a37372181e7b43c0c002bb"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/707549600c4a012ed71c0204a7992a679880bf33"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/82383abd39abd635511b8956284a5cc8134c4dc1"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/9e6e83e1e2d01b99e70cd7812d7f758a8def9fc8"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

CVE-2025-22019 (GCVE-0-2025-22019)

Vulnerability from cvelistv5

Published

2025-04-16 10:20

Modified

2025-05-26 05:16

Severity ?

Summary

In the Linux kernel, the following vulnerability has been resolved: bcachefs: bch2_ioctl_subvolume_destroy() fixes bch2_evict_subvolume_inodes() was getting stuck - due to incorrectly pruning the dcache. Also, fix missing permissions checks.

References

►

URL

Tags

	https://git.kernel.org/stable/c/9e6e83e1e2d01b99e70cd7812d7f758a8def9fc8
	https://git.kernel.org/stable/c/82383abd39abd635511b8956284a5cc8134c4dc1
	https://git.kernel.org/stable/c/558317a5c61045d460a37372181e7b43c0c002bb
	https://git.kernel.org/stable/c/707549600c4a012ed71c0204a7992a679880bf33

Impacted products

Vendor

Product

Version

►

Version: 1c6fdbd8f2465ddfb73a01ec620cbf3d14044e1a
Version: 1c6fdbd8f2465ddfb73a01ec620cbf3d14044e1a
Version: 1c6fdbd8f2465ddfb73a01ec620cbf3d14044e1a
Version: 1c6fdbd8f2465ddfb73a01ec620cbf3d14044e1a

Version: 6.7

Show details on NVD website

To clipboard

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "fs/bcachefs/fs-ioctl.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "9e6e83e1e2d01b99e70cd7812d7f758a8def9fc8",
              "status": "affected",
              "version": "1c6fdbd8f2465ddfb73a01ec620cbf3d14044e1a",
              "versionType": "git"
            },
            {
              "lessThan": "82383abd39abd635511b8956284a5cc8134c4dc1",
              "status": "affected",
              "version": "1c6fdbd8f2465ddfb73a01ec620cbf3d14044e1a",
              "versionType": "git"
            },
            {
              "lessThan": "558317a5c61045d460a37372181e7b43c0c002bb",
              "status": "affected",
              "version": "1c6fdbd8f2465ddfb73a01ec620cbf3d14044e1a",
              "versionType": "git"
            },
            {
              "lessThan": "707549600c4a012ed71c0204a7992a679880bf33",
              "status": "affected",
              "version": "1c6fdbd8f2465ddfb73a01ec620cbf3d14044e1a",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "fs/bcachefs/fs-ioctl.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "6.7"
            },
            {
              "lessThan": "6.7",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.12.*",
              "status": "unaffected",
              "version": "6.12.22",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.13.*",
              "status": "unaffected",
              "version": "6.13.10",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.14.*",
              "status": "unaffected",
              "version": "6.14.2",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.15",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.12.22",
                  "versionStartIncluding": "6.7",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.13.10",
                  "versionStartIncluding": "6.7",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.14.2",
                  "versionStartIncluding": "6.7",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.15",
                  "versionStartIncluding": "6.7",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbcachefs: bch2_ioctl_subvolume_destroy() fixes\n\nbch2_evict_subvolume_inodes() was getting stuck - due to incorrectly\npruning the dcache.\n\nAlso, fix missing permissions checks."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-05-26T05:16:41.626Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/9e6e83e1e2d01b99e70cd7812d7f758a8def9fc8"
        },
        {
          "url": "https://git.kernel.org/stable/c/82383abd39abd635511b8956284a5cc8134c4dc1"
        },
        {
          "url": "https://git.kernel.org/stable/c/558317a5c61045d460a37372181e7b43c0c002bb"
        },
        {
          "url": "https://git.kernel.org/stable/c/707549600c4a012ed71c0204a7992a679880bf33"
        }
      ],
      "title": "bcachefs: bch2_ioctl_subvolume_destroy() fixes",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2025-22019",
    "datePublished": "2025-04-16T10:20:36.342Z",
    "dateReserved": "2024-12-29T08:45:45.806Z",
    "dateUpdated": "2025-05-26T05:16:41.626Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Log in or create an account to share your comment.

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.