CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

CVE-2025-37839: jbd2: remove wrong sb->s_sequence check

Description

In the Linux kernel, the following vulnerability has been resolved:

jbd2: remove wrong sb->s_sequence check

Journal emptiness is not determined by sb->s_sequence == 0 but rather by
sb->s_start == 0 (which is set a few lines above). Furthermore 0 is a
valid transaction ID so the check can spuriously trigger. Remove the
invalid WARN_ON.

Classification

CVE ID: CVE-2025-37839

Affected Products

Vendor: Linux

Product: Linux

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.04% (probability of being exploited)

EPSS Percentile: 12.8% (scored less or equal to compared to others)

EPSS Date: 2025-06-07 (when was this score calculated)

References

https://nvd.nist.gov/vuln/detail/CVE-2025-37839
https://git.kernel.org/stable/c/cf30432f5b3064ff85d85639c2f0106f89c566f6
https://git.kernel.org/stable/c/b479839525fe7906966cdc4b5b2afbca048558a1
https://git.kernel.org/stable/c/ad926f735b4d4f10768fec7d080cadeb6d075cac
https://git.kernel.org/stable/c/3b4643ffaf72d7a5a357e9bf68b1775f8cfe7e77
https://git.kernel.org/stable/c/c88f7328bb0fff66520fc9164f02b1d06e083c1b
https://git.kernel.org/stable/c/9eaec071f111cd2124ce9a5b93536d3f6837d457
https://git.kernel.org/stable/c/c98eb9ffb1d9c98237b5e1668eee17654e129fb0
https://git.kernel.org/stable/c/b0cca357f85beb6144ab60c62dcc98508cc044bf
https://git.kernel.org/stable/c/e6eff39dd0fe4190c6146069cc16d160e71d1148

Timeline