{"id":"CVE-2025-38626","summary":"f2fs: fix to trigger foreground gc during f2fs_map_blocks() in lfs mode","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nf2fs: fix to trigger foreground gc during f2fs_map_blocks() in lfs mode\n\nw/ \"mode=lfs\" mount option, generic/299 will cause system panic as below:\n\n------------[ cut here ]------------\nkernel BUG at fs/f2fs/segment.c:2835!\nCall Trace:\n \u003cTASK\u003e\n f2fs_allocate_data_block+0x6f4/0xc50\n f2fs_map_blocks+0x970/0x1550\n f2fs_iomap_begin+0xb2/0x1e0\n iomap_iter+0x1d6/0x430\n __iomap_dio_rw+0x208/0x9a0\n f2fs_file_write_iter+0x6b3/0xfa0\n aio_write+0x15d/0x2e0\n io_submit_one+0x55e/0xab0\n __x64_sys_io_submit+0xa5/0x230\n do_syscall_64+0x84/0x2f0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\nRIP: 0010:new_curseg+0x70f/0x720\n\nThe root cause of we run out-of-space is: in f2fs_map_blocks(), f2fs may\ntrigger foreground gc only if it allocates any physical block, it will be\na little bit later when there is multiple threads writing data w/\naio/dio/bufio method in parallel, since we always use OPU in lfs mode, so\nf2fs_map_blocks() does block allocations aggressively.\n\nIn order to fix this issue, let's give a chance to trigger foreground\ngc in prior to block allocation in f2fs_map_blocks().","modified":"2026-04-02T12:48:03.331187Z","published":"2025-08-22T16:00:34.867Z","related":["MGASA-2025-0234","MGASA-2025-0235"],"database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/38xxx/CVE-2025-38626.json"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/1005a3ca28e90c7a64fa43023f866b960a60f791"},{"type":"WEB","url":"https://git.kernel.org/stable/c/264ede8a52f18647ed5bb5f2bd9bf54f556ad8f5"},{"type":"WEB","url":"https://git.kernel.org/stable/c/385e64a0744584397b4b52b27c96703516f39968"},{"type":"WEB","url":"https://git.kernel.org/stable/c/82765ce5c7a56f9309ee45328e763610eaf11253"},{"type":"WEB","url":"https://git.kernel.org/stable/c/d2f280f43a2a9d918fd23169ff3a6f3b65c7cec5"},{"type":"WEB","url":"https://git.kernel.org/stable/c/f289690f50a01c3e085d87853392d5b7436a4cee"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/38xxx/CVE-2025-38626.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-38626"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"36abef4e796d382e81a0c2d21ea5327481dd7154"},{"fixed":"d2f280f43a2a9d918fd23169ff3a6f3b65c7cec5"},{"fixed":"f289690f50a01c3e085d87853392d5b7436a4cee"},{"fixed":"82765ce5c7a56f9309ee45328e763610eaf11253"},{"fixed":"264ede8a52f18647ed5bb5f2bd9bf54f556ad8f5"},{"fixed":"385e64a0744584397b4b52b27c96703516f39968"},{"fixed":"1005a3ca28e90c7a64fa43023f866b960a60f791"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-38626.json"}}],"schema_version":"1.7.5"}