{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-68356", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2025-12-16T14:48:05.301Z", "datePublished": "2025-12-24T10:32:46.275Z", "dateUpdated": "2026-05-11T21:51:37.159Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2026-05-11T21:51:37.159Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ngfs2: Prevent recursive memory reclaim\n\nFunction new_inode() returns a new inode with inode->i_mapping->gfp_mask\nset to GFP_HIGHUSER_MOVABLE. This value includes the __GFP_FS flag, so\nallocations in that address space can recurse into filesystem memory\nreclaim. We don't want that to happen because it can consume a\nsignificant amount of stack memory.\n\nWorse than that is that it can also deadlock: for example, in several\nplaces, gfs2_unstuff_dinode() is called inside filesystem transactions.\nThis calls filemap_grab_folio(), which can allocate a new folio, which\ncan trigger memory reclaim. If memory reclaim recurses into the\nfilesystem and starts another transaction, a deadlock will ensue.\n\nTo fix these kinds of problems, prevent memory reclaim from recursing\ninto filesystem code by making sure that the gfp_mask of inode address\nspaces doesn't include __GFP_FS.\n\nThe \"meta\" and resource group address spaces were already using GFP_NOFS\nas their gfp_mask (which doesn't include __GFP_FS). The default value\nof GFP_HIGHUSER_MOVABLE is less restrictive than GFP_NOFS, though. To\navoid being overly limiting, use the default value and only knock off\nthe __GFP_FS flag. I'm not sure if this will actually make a\ndifference, but it also shouldn't hurt.\n\nThis patch is loosely based on commit ad22c7a043c2 (\"xfs: prevent stack\noverflows from page cache allocation\").\n\nFixes xfstest generic/273."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["fs/gfs2/glock.c", "fs/gfs2/inode.c", "fs/gfs2/inode.h", "fs/gfs2/ops_fstype.c"], "versions": [{"version": "dc0b9435238c1a68150c798c9c7a1b5d7414cbb9", "lessThan": "edb2b255618621dc83d0ec23150e16b2c697077f", "status": "affected", "versionType": "git"}, {"version": "dc0b9435238c1a68150c798c9c7a1b5d7414cbb9", "lessThan": "9c0960ed112398bdb6c60ccf6e6b583bc59acede", "status": "affected", "versionType": "git"}, {"version": "dc0b9435238c1a68150c798c9c7a1b5d7414cbb9", "lessThan": "49e7347f4644d031306d56cb4d51e467cbdcbc69", "status": "affected", "versionType": "git"}, {"version": "dc0b9435238c1a68150c798c9c7a1b5d7414cbb9", "lessThan": "2c5f4a53476e3cab70adc77b38942c066bd2c17c", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["fs/gfs2/glock.c", "fs/gfs2/inode.c", "fs/gfs2/inode.h", "fs/gfs2/ops_fstype.c"], "versions": [{"version": "6.6", "status": "affected"}, {"version": "0", "lessThan": "6.6", "status": "unaffected", "versionType": "semver"}, {"version": "6.12.63", "lessThanOrEqual": "6.12.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.17.13", "lessThanOrEqual": "6.17.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.18.2", "lessThanOrEqual": "6.18.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.19", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.6", "versionEndExcluding": "6.12.63"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.6", "versionEndExcluding": "6.17.13"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.6", "versionEndExcluding": "6.18.2"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.6", "versionEndExcluding": "6.19"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/edb2b255618621dc83d0ec23150e16b2c697077f"}, {"url": "https://git.kernel.org/stable/c/9c0960ed112398bdb6c60ccf6e6b583bc59acede"}, {"url": "https://git.kernel.org/stable/c/49e7347f4644d031306d56cb4d51e467cbdcbc69"}, {"url": "https://git.kernel.org/stable/c/2c5f4a53476e3cab70adc77b38942c066bd2c17c"}], "title": "gfs2: Prevent recursive memory reclaim", "x_generator": {"engine": "bippy-1.2.0"}}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ngfs2: Prevent recursive memory reclaim\n\nFunction new_inode() returns a new inode with inode->i_mapping->gfp_mask\nset to GFP_HIGHUSER_MOVABLE. This value includes the __GFP_FS flag, so\nallocations in that address space can recurse into filesystem memory\nreclaim. We don't want that to happen because it can consume a\nsignificant amount of stack memory.\n\nWorse than that is that it can also deadlock: for example, in several\nplaces, gfs2_unstuff_dinode() is called inside filesystem transactions.\nThis calls filemap_grab_folio(), which can allocate a new folio, which\ncan trigger memory reclaim. If memory reclaim recurses into the\nfilesystem and starts another transaction, a deadlock will ensue.\n\nTo fix these kinds of problems, prevent memory reclaim from recursing\ninto filesystem code by making sure that the gfp_mask of inode address\nspaces doesn't include __GFP_FS.\n\nThe \"meta\" and resource group address spaces were already using GFP_NOFS\nas their gfp_mask (which doesn't include __GFP_FS). The default value\nof GFP_HIGHUSER_MOVABLE is less restrictive than GFP_NOFS, though. To\navoid being overly limiting, use the default value and only knock off\nthe __GFP_FS flag. I'm not sure if this will actually make a\ndifference, but it also shouldn't hurt.\n\nThis patch is loosely based on commit ad22c7a043c2 (\"xfs: prevent stack\noverflows from page cache allocation\").\n\nFixes xfstest generic/273."}], "id": "CVE-2025-68356", "lastModified": "2026-04-15T00:35:42.020", "metrics": {}, "published": "2025-12-24T11:15:58.967", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/2c5f4a53476e3cab70adc77b38942c066bd2c17c"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/49e7347f4644d031306d56cb4d51e467cbdcbc69"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/9c0960ed112398bdb6c60ccf6e6b583bc59acede"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/edb2b255618621dc83d0ec23150e16b2c697077f"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Deferred"}

{"bugzilla": {"description": "kernel: gfs2: Prevent recursive memory reclaim", "id": "2424876", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2424876"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "details": ["In the Linux kernel, the following vulnerability has been resolved:\ngfs2: Prevent recursive memory reclaim\nFunction new_inode() returns a new inode with inode->i_mapping->gfp_mask\nset to GFP_HIGHUSER_MOVABLE. This value includes the __GFP_FS flag, so\nallocations in that address space can recurse into filesystem memory\nreclaim. We don't want that to happen because it can consume a\nsignificant amount of stack memory.\nWorse than that is that it can also deadlock: for example, in several\nplaces, gfs2_unstuff_dinode() is called inside filesystem transactions.\nThis calls filemap_grab_folio(), which can allocate a new folio, which\ncan trigger memory reclaim. If memory reclaim recurses into the\nfilesystem and starts another transaction, a deadlock will ensue.\nTo fix these kinds of problems, prevent memory reclaim from recursing\ninto filesystem code by making sure that the gfp_mask of inode address\nspaces doesn't include __GFP_FS.\nThe \"meta\" and resource group address spaces were already using GFP_NOFS\nas their gfp_mask (which doesn't include __GFP_FS). The default value\nof GFP_HIGHUSER_MOVABLE is less restrictive than GFP_NOFS, though. To\navoid being overly limiting, use the default value and only knock off\nthe __GFP_FS flag. I'm not sure if this will actually make a\ndifference, but it also shouldn't hurt.\nThis patch is loosely based on commit ad22c7a043c2 (\"xfs: prevent stack\noverflows from page cache allocation\").\nFixes xfstest generic/273."], "name": "CVE-2025-68356", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2025-12-24T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2025-68356\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-68356\nhttps://lore.kernel.org/linux-cve-announce/2025122456-CVE-2025-68356-1574@gregkh/T"], "threat_severity": "Low"}

{}