CVE-2025-23130 Affecting linux-virt package, versions <6.12.58-r0
Threat Intelligence
The probability is the direct output of the EPSS model, and conveys an overall sense of the threat of exploitation in the wild. The percentile measures the EPSS probability relative to all known EPSS scores. Note: This data is updated daily, relying on the latest available EPSS model version. Check out the EPSS documentation for more details.
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications- Snyk IDSNYK-MINIMOSLATEST-LINUXVIRT-13961833
- published14 Nov 2025
- disclosed16 Apr 2025
Introduced: 16 Apr 2025
CVE-2025-23130 (opens in a new tab)How to fix?
Upgrade Minimos:latest linux-virt to version 6.12.58-r0 or higher.
NVD Description
Note: Versions mentioned in the description apply only to the upstream linux-virt package and not the linux-virt package as distributed by Minimos.
See How to fix? for Minimos:latest relevant fixed versions and status.
In the Linux kernel, the following vulnerability has been resolved:
f2fs: fix to avoid panic once fallocation fails for pinfile
syzbot reports a f2fs bug as below:
------------[ cut here ]------------ kernel BUG at fs/f2fs/segment.c:2746! CPU: 0 UID: 0 PID: 5323 Comm: syz.0.0 Not tainted 6.13.0-rc2-syzkaller-00018-g7cb1b4663150 #0 RIP: 0010:get_new_segment fs/f2fs/segment.c:2746 [inline] RIP: 0010:new_curseg+0x1f52/0x1f70 fs/f2fs/segment.c:2876 Call Trace: <TASK> __allocate_new_segment+0x1ce/0x940 fs/f2fs/segment.c:3210 f2fs_allocate_new_section fs/f2fs/segment.c:3224 [inline] f2fs_allocate_pinning_section+0xfa/0x4e0 fs/f2fs/segment.c:3238 f2fs_expand_inode_data+0x696/0xca0 fs/f2fs/file.c:1830 f2fs_fallocate+0x537/0xa10 fs/f2fs/file.c:1940 vfs_fallocate+0x569/0x6e0 fs/open.c:327 do_vfs_ioctl+0x258c/0x2e40 fs/ioctl.c:885 __do_sys_ioctl fs/ioctl.c:904 [inline] __se_sys_ioctl+0x80/0x170 fs/ioctl.c:892 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f
Concurrent pinfile allocation may run out of free section, result in panic in get_new_segment(), let's expand pin_sem lock coverage to include f2fs_gc(), so that we can make sure to reclaim enough free space for following allocation.
In addition, do below changes to enhance error path handling:
- call f2fs_bug_on() only in non-pinfile allocation path in get_new_segment().
- call reset_curseg_fields() to reset all fields of curseg in new_curseg()
References
- https://www.cve.org/CVERecord?id=CVE-2025-23130
- https://github.com/advisories/GHSA-qj48-g5ch-7g59
- https://osv.dev/vulnerability/MINI-fjrw-8g5h-3cg7
- https://osv.dev/vulnerability/CVE-2025-23130
- https://git.kernel.org/stable/c/2dda0930fb79b847b4bfceb737577d0f6bc24d7d
- https://git.kernel.org/stable/c/48ea8b200414ac69ea96f4c231f5c7ef1fbeffef
- https://git.kernel.org/stable/c/9392862608d081a8346a3b841f862d732fce954b