{"id":"AZL-64889","summary":"CVE-2025-38333 affecting package kernel 6.6.126.1-1","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nf2fs: fix to bail out in get_new_segment()\n\n------------[ cut here ]------------\nWARNING: CPU: 3 PID: 579 at fs/f2fs/segment.c:2832 new_curseg+0x5e8/0x6dc\npc : new_curseg+0x5e8/0x6dc\nCall trace:\n new_curseg+0x5e8/0x6dc\n f2fs_allocate_data_block+0xa54/0xe28\n do_write_page+0x6c/0x194\n f2fs_do_write_node_page+0x38/0x78\n __write_node_page+0x248/0x6d4\n f2fs_sync_node_pages+0x524/0x72c\n f2fs_write_checkpoint+0x4bc/0x9b0\n __checkpoint_and_complete_reqs+0x80/0x244\n issue_checkpoint_thread+0x8c/0xec\n kthread+0x114/0x1bc\n ret_from_fork+0x10/0x20\n\nget_new_segment() detects inconsistent status in between free_segmap\nand free_secmap, let's record such error into super block, and bail\nout get_new_segment() instead of continue using the segment.","modified":"2026-04-21T04:32:36.206416Z","published":"2025-07-10T09:15:27Z","upstream":["CVE-2025-38333"],"references":[{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-38333"}],"affected":[{"package":{"name":"kernel","ecosystem":"Azure Linux:3","purl":"pkg:rpm/azure-linux/kernel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"last_affected":"6.6.126.1-1"}]}],"database_specific":{"source":"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-64889.json"}}],"schema_version":"1.7.5"}