CVE-2025-22073

Summary

In the Linux kernel, the following vulnerability has been resolved:

spufs: fix a leak on spufs_new_file() failure

It's called from spufs_fill_dir(), and caller of that will do spufs_rmdir() in case of failure. That does remove everything we'd managed to create, but… the problem dentry is still negative. IOW, it needs to be explicitly dropped.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux3f51dd91c80746a5cf76f8c4a77bfc88aa82bb9e < b1eef06d10c1a9848e3a762919bbbe315a0a7cb4affected
LinuxLinux3f51dd91c80746a5cf76f8c4a77bfc88aa82bb9e < 132925bd6772d7614340fb755ac5415462ac8eddaffected
LinuxLinux3f51dd91c80746a5cf76f8c4a77bfc88aa82bb9e < 53b189651c33b5f1fb3b755e6a37a8206978514eaffected
LinuxLinux3f51dd91c80746a5cf76f8c4a77bfc88aa82bb9e < 96de7fbdc2dcadeebc17c3cb89e7cdab487bfce0affected
LinuxLinux3f51dd91c80746a5cf76f8c4a77bfc88aa82bb9e < 90d1b276d1b1379d20ad27d1f6349ba9f44a2e00affected
LinuxLinux3f51dd91c80746a5cf76f8c4a77bfc88aa82bb9e < 35f789ccebd69f6f9a1e0a9b85435003b2450065affected
LinuxLinux3f51dd91c80746a5cf76f8c4a77bfc88aa82bb9e < d791985ceeb081155b4e96d314ca54c7605dcbe0affected
LinuxLinux3f51dd91c80746a5cf76f8c4a77bfc88aa82bb9e < 0bd56e4e72c354b65c0a7e5ac1c09eca81949d5baffected
LinuxLinux3f51dd91c80746a5cf76f8c4a77bfc88aa82bb9e < d1ca8698ca1332625d83ea0d753747be66f9906daffected
LinuxLinux2.6.16affected
LinuxLinux0 < 2.6.16unaffected
LinuxLinux5.4.292 <= 5.4.*unaffected
LinuxLinux5.10.236 <= 5.10.*unaffected
LinuxLinux5.15.180 <= 5.15.*unaffected
LinuxLinux6.1.134 <= 6.1.*unaffected
LinuxLinux6.6.87 <= 6.6.*unaffected
LinuxLinux6.12.23 <= 6.12.*unaffected
LinuxLinux6.13.11 <= 6.13.*unaffected
LinuxLinux6.14.2 <= 6.14.*unaffected
LinuxLinux6.15 <= *unaffected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

References