{"id":"CVE-2025-40233","summary":"ocfs2: clear extent cache after moving/defragmenting extents","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nocfs2: clear extent cache after moving/defragmenting extents\n\nThe extent map cache can become stale when extents are moved or\ndefragmented, causing subsequent operations to see outdated extent flags. \nThis triggers a BUG_ON in ocfs2_refcount_cal_cow_clusters().\n\nThe problem occurs when:\n1. copy_file_range() creates a reflinked extent with OCFS2_EXT_REFCOUNTED\n2. ioctl(FITRIM) triggers ocfs2_move_extents()\n3. __ocfs2_move_extents_range() reads and caches the extent (flags=0x2)\n4. ocfs2_move_extent()/ocfs2_defrag_extent() calls __ocfs2_move_extent()\n   which clears OCFS2_EXT_REFCOUNTED flag on disk (flags=0x0)\n5. The extent map cache is not invalidated after the move\n6. Later write() operations read stale cached flags (0x2) but disk has\n   updated flags (0x0), causing a mismatch\n7. BUG_ON(!(rec-\u003ee_flags & OCFS2_EXT_REFCOUNTED)) triggers\n\nFix by clearing the extent map cache after each extent move/defrag\noperation in __ocfs2_move_extents_range().  This ensures subsequent\noperations read fresh extent data from disk.","modified":"2026-04-02T12:48:20.348505Z","published":"2025-12-04T15:31:23.891Z","related":["SUSE-SU-2026:0263-1","SUSE-SU-2026:0278-1","SUSE-SU-2026:0281-1","SUSE-SU-2026:0293-1","SUSE-SU-2026:0315-1","SUSE-SU-2026:0316-1","SUSE-SU-2026:0317-1","SUSE-SU-2026:0350-1","SUSE-SU-2026:0369-1","SUSE-SU-2026:0411-1","SUSE-SU-2026:0617-1","SUSE-SU-2026:20207-1","SUSE-SU-2026:20220-1","SUSE-SU-2026:20228-1","SUSE-SU-2026:20477-1","SUSE-SU-2026:20498-1","SUSE-SU-2026:20845-1","SUSE-SU-2026:20876-1","openSUSE-SU-2026:20145-1"],"database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/40xxx/CVE-2025-40233.json"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/78a63493f8e352296dbc7cb7b3f4973105e8679e"},{"type":"WEB","url":"https://git.kernel.org/stable/c/93166bc53c0e3587058327a4121daea34b4fecd5"},{"type":"WEB","url":"https://git.kernel.org/stable/c/93b1ab422f1966b71561158e1aedce4ec100f357"},{"type":"WEB","url":"https://git.kernel.org/stable/c/a21750df2f6169af6e039a3bb4893d6c9564e48d"},{"type":"WEB","url":"https://git.kernel.org/stable/c/a7ee72286efba1d407c6f15a0528e43593fb7007"},{"type":"WEB","url":"https://git.kernel.org/stable/c/aa6a21409dd6221bb268b56bb410e031c632ff9a"},{"type":"WEB","url":"https://git.kernel.org/stable/c/bb69928ed578f881e68d26aaf1a8f6e7faab3b44"},{"type":"WEB","url":"https://git.kernel.org/stable/c/e92af7737a94a729225d2a5d180eaaa77fe0bbc1"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/40xxx/CVE-2025-40233.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-40233"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"53069d4e76954e2e63c1b3c501051c6fbcf7298c"},{"fixed":"93166bc53c0e3587058327a4121daea34b4fecd5"},{"fixed":"a7ee72286efba1d407c6f15a0528e43593fb7007"},{"fixed":"93b1ab422f1966b71561158e1aedce4ec100f357"},{"fixed":"e92af7737a94a729225d2a5d180eaaa77fe0bbc1"},{"fixed":"aa6a21409dd6221bb268b56bb410e031c632ff9a"},{"fixed":"bb69928ed578f881e68d26aaf1a8f6e7faab3b44"},{"fixed":"a21750df2f6169af6e039a3bb4893d6c9564e48d"},{"fixed":"78a63493f8e352296dbc7cb7b3f4973105e8679e"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-40233.json"}},{"package":{"name":"Kernel","ecosystem":"Linux"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"3.0.0"},{"fixed":"5.4.301"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.5.0"},{"fixed":"5.10.246"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.11.0"},{"fixed":"5.15.196"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.16.0"},{"fixed":"6.1.158"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.2.0"},{"fixed":"6.6.115"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.7.0"},{"fixed":"6.12.56"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.13.0"},{"fixed":"6.17.6"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-40233.json"}}],"schema_version":"1.7.5"}