{"vulnerability": "CVE-2025-23130", "sightings": [{"uuid": "23da16d4-42aa-4915-9a97-24fd2864bd9b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-23130", "type": "seen", "source": "https://www.hkcert.org/security-bulletin/ubuntu-linux-kernel-multiple-vulnerabilities_20260408", "content": "", "creation_timestamp": "2026-04-07T18:00:00.000000Z"}, {"uuid": "3e470ce0-8fac-4a10-8bda-e636cdd22a78", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-23130", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "63f1ee07-48f3-40a7-ac53-d9f95d3507d9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-23130", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0397/", "content": "", "creation_timestamp": "2026-04-02T17:00:00.000000Z"}, {"uuid": "51008ab7-d548-499f-82e3-680554984bc8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23130", "type": "seen", "source": "https://t.me/cvedetector/23112", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-23130 - F2FS Linux Kernel Pinfile Allocation Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-23130 \nPublished : April 16, 2025, 3:16 p.m. | 23\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \nf2fs: fix to avoid panic once fallocation fails for pinfile  \n  \nsyzbot reports a f2fs bug as below:  \n  \n------------[ cut here ]------------  \nkernel BUG at fs/f2fs/segment.c:2746!  \nCPU: 0 UID: 0 PID: 5323 Comm: syz.0.0 Not tainted 6.13.0-rc2-syzkaller-00018-g7cb1b4663150 #0  \nRIP: 0010:get_new_segment fs/f2fs/segment.c:2746 [inline]  \nRIP: 0010:new_curseg+0x1f52/0x1f70 fs/f2fs/segment.c:2876  \nCall Trace:  \n   \n __allocate_new_segment+0x1ce/0x940 fs/f2fs/segment.c:3210  \n f2fs_allocate_new_section fs/f2fs/segment.c:3224 [inline]  \n f2fs_allocate_pinning_section+0xfa/0x4e0 fs/f2fs/segment.c:3238  \n f2fs_expand_inode_data+0x696/0xca0 fs/f2fs/file.c:1830  \n f2fs_fallocate+0x537/0xa10 fs/f2fs/file.c:1940  \n vfs_fallocate+0x569/0x6e0 fs/open.c:327  \n do_vfs_ioctl+0x258c/0x2e40 fs/ioctl.c:885  \n __do_sys_ioctl fs/ioctl.c:904 [inline]  \n __se_sys_ioctl+0x80/0x170 fs/ioctl.c:892  \n do_syscall_x64 arch/x86/entry/common.c:52 [inline]  \n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83  \n entry_SYSCALL_64_after_hwframe+0x77/0x7f  \n  \nConcurrent pinfile allocation may run out of free section, result in  \npanic in get_new_segment(), let's expand pin_sem lock coverage to  \ninclude f2fs_gc(), so that we can make sure to reclaim enough free  \nspace for following allocation.  \n  \nIn addition, do below changes to enhance error path handling:  \n- call f2fs_bug_on() only in non-pinfile allocation path in  \nget_new_segment().  \n- call reset_curseg_fields() to reset all fields of curseg in  \nnew_curseg() \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"16 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-16T17:43:34.000000Z"}]}