{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-71230", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2026-02-18T14:25:13.844Z", "datePublished": "2026-02-18T14:53:14.519Z", "dateUpdated": "2026-05-11T21:56:51.030Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2026-05-11T21:56:51.030Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nhfs: ensure sb->s_fs_info is always cleaned up\n\nWhen hfs was converted to the new mount api a bug was introduced by\nchanging the allocation pattern of sb->s_fs_info. If setup_bdev_super()\nfails after a new superblock has been allocated by sget_fc(), but before\nhfs_fill_super() takes ownership of the filesystem-specific s_fs_info\ndata it was leaked.\n\nFix this by freeing sb->s_fs_info in hfs_kill_super()."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["fs/hfs/mdb.c", "fs/hfs/super.c"], "versions": [{"version": "ffcd06b6d13b72823aba0d7c871f7e4876e7916b", "lessThan": "46c1d56ad321fb024761abd9af61a0cb616cf2f6", "status": "affected", "versionType": "git"}, {"version": "ffcd06b6d13b72823aba0d7c871f7e4876e7916b", "lessThan": "399219831514126bc9541e8eadefe02c6fbd9166", "status": "affected", "versionType": "git"}, {"version": "ffcd06b6d13b72823aba0d7c871f7e4876e7916b", "lessThan": "05ce49a902be15dc93854cbfc20161205a9ee446", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["fs/hfs/mdb.c", "fs/hfs/super.c"], "versions": [{"version": "6.13", "status": "affected"}, {"version": "0", "lessThan": "6.13", "status": "unaffected", "versionType": "semver"}, {"version": "6.18.11", "lessThanOrEqual": "6.18.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.19.1", "lessThanOrEqual": "6.19.*", "status": "unaffected", "versionType": "semver"}, {"version": "7.0", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.13", "versionEndExcluding": "6.18.11"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.13", "versionEndExcluding": "6.19.1"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.13", "versionEndExcluding": "7.0"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/46c1d56ad321fb024761abd9af61a0cb616cf2f6"}, {"url": "https://git.kernel.org/stable/c/399219831514126bc9541e8eadefe02c6fbd9166"}, {"url": "https://git.kernel.org/stable/c/05ce49a902be15dc93854cbfc20161205a9ee446"}], "title": "hfs: ensure sb->s_fs_info is always cleaned up", "x_generator": {"engine": "bippy-1.2.0"}}}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "7099A9EC-3D54-4424-BF01-7224EF88C79C", "versionEndExcluding": "6.18.11", "versionStartIncluding": "6.13", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "EE543C0D-A06B-414F-A403-CB1E088F261E", "versionEndExcluding": "6.19.1", "versionStartIncluding": "6.19", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nhfs: ensure sb->s_fs_info is always cleaned up\n\nWhen hfs was converted to the new mount api a bug was introduced by\nchanging the allocation pattern of sb->s_fs_info. If setup_bdev_super()\nfails after a new superblock has been allocated by sget_fc(), but before\nhfs_fill_super() takes ownership of the filesystem-specific s_fs_info\ndata it was leaked.\n\nFix this by freeing sb->s_fs_info in hfs_kill_super()."}, {"lang": "es", "value": "En el kernel de Linux, la siguiente vulnerabilidad ha sido resuelta:\n\nhfs: asegurar que sb->s_fs_info siempre se limpia\n\nCuando hfs fue convertido a la nueva API de montaje, se introdujo un error al cambiar el patr\u00f3n de asignaci\u00f3n de sb->s_fs_info. Si setup_bdev_super() falla despu\u00e9s de que un nuevo superbloque ha sido asignado por sget_fc(), pero antes de que hfs_fill_super() tome posesi\u00f3n de los datos s_fs_info espec\u00edficos del sistema de archivos, se filtraba.\n\nEsto se soluciona liberando sb->s_fs_info en hfs_kill_super()."}], "id": "CVE-2025-71230", "lastModified": "2026-03-18T17:18:58.160", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2026-02-18T16:22:29.743", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/05ce49a902be15dc93854cbfc20161205a9ee446"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/399219831514126bc9541e8eadefe02c6fbd9166"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/46c1d56ad321fb024761abd9af61a0cb616cf2f6"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "kernel: hfs: ensure sb->s_fs_info is always cleaned up", "id": "2440655", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2440655"}, "csaw": false, "details": ["In the Linux kernel, the following vulnerability has been resolved:\nhfs: ensure sb->s_fs_info is always cleaned up\nWhen hfs was converted to the new mount api a bug was introduced by\nchanging the allocation pattern of sb->s_fs_info. If setup_bdev_super()\nfails after a new superblock has been allocated by sget_fc(), but before\nhfs_fill_super() takes ownership of the filesystem-specific s_fs_info\ndata it was leaked.\nFix this by freeing sb->s_fs_info in hfs_kill_super()."], "name": "CVE-2025-71230", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2026-02-18T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2025-71230\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-71230\nhttps://lore.kernel.org/linux-cve-announce/2026021804-CVE-2025-71230-8e25@gregkh/T"]}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[1da177e4c3f41524e886b7f1b8a0c1fc7321cac2,46c1d56ad321fb024761abd9af61a0cb616cf2f6)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[1da177e4c3f41524e886b7f1b8a0c1fc7321cac2,399219831514126bc9541e8eadefe02c6fbd9166)"}}], "enrichment": {"confidence": 99.0, "confidence_source": "inferred", "scores": [{"score": 99.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "Linux", "source": "cna", "vendor": "Linux"}, "product": "linux_kernel", "vendor": "linux"}, {"configurations": [{"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[6.18.11,6.19.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[6.19.1,6.20.0)"}}], "enrichment": {"confidence": 99.0, "confidence_source": "inferred", "scores": [{"score": 99.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "Linux", "source": "cna", "vendor": "Linux"}, "product": "linux_kernel", "vendor": "linux"}], "analysis": {"en": {"generated_at": "2026-04-21T15:59:40.804185+00:00", "value": {"mitigation_remediation": ["Apply the latest kernel update that includes the hfs_kill_super() fix to eliminate the memory leak", "Reboot the system after installing the updated kernel to ensure all kernel memory is cleared", "If an immediate kernel update is not possible, consider disabling HFS support or preventing mount attempts of HFS filesystems from untrusted sources"], "summary": {"action": "Patch", "impact": "Resource Exhaustion (Memory Leak)"}, "threat_synthesis": {"affected_systems": "The flaw affects all Linux kernel releases that include the HFS filesystem implementation. Since the CPE string references the entire Linux kernel and no specific version is listed, any kernel containing the buggy HFS mounting logic is potentially vulnerable.", "description_and_impact": "When the HFS filesystem was migrated to the new mount API, a bug was introduced that incorrectly managed the allocation of sb->s_fs_info. If the superblock setup fails after allocation but before ownership is transferred by hfs_fill_super(), the allocated structure is never freed and a memory leak occurs. The object remains allocated in kernel memory, leading to gradual exhaustion of free memory with repeated failed mount attempts. The vulnerability does not directly provide code execution or data disclosure, but persistent leaks can degrade system stability over time.", "risk_and_exploitability": "The CVSS score of 5.5 classifies the issue as moderate, reflecting that the leak requires local action involving a failed mount operation. The EPSS score of <1% suggests exploitation is unlikely in the wild at the time of this analysis. The vulnerability is not currently listed in the CISA KEV catalog. The attack likely requires a user with the ability to trigger mount operations, potentially elevating privileges through repeated exhaustion, but no direct remote exploitation path is documented. The risk is increased for systems that mount HFS images frequently from untrusted sources or that operate under tight memory constraints."}}}}, "created": "2026-02-19T10:11:57.877916+00:00", "updated": "2026-04-21T16:00:13.294820+00:00", "vendors": ["linux", "linux$PRODUCT$linux_kernel"]}