CVE-2025-39743 in Linux
Summary
by MITRE • 09/11/2025
In the Linux kernel, the following vulnerability has been resolved:
jfs: truncate good inode pages when hard link is 0
The fileset value of the inode copy from the disk by the reproducer is AGGR_RESERVED_I. When executing evict, its hard link number is 0, so its inode pages are not truncated. This causes the bugon to be triggered when executing clear_inode() because nrpages is greater than 0.
If you want to get the best quality for vulnerability data then you always have to consider VulDB.
Analysis
by VulDB Data Team • 01/10/2026
The vulnerability identified as CVE-2025-39743 resides within the Linux kernel's JFS (Journaled File System) implementation, representing a critical flaw in inode page management during the eviction process. This issue manifests when the kernel attempts to handle inode cleanup operations, specifically when dealing with inodes that have a fileset value of AGGR_RESERVED_I and a hard link count of zero. The root cause lies in the improper handling of inode page truncation logic, where the system fails to correctly process memory pages associated with inodes that are being evicted from the cache.
The technical implementation flaw occurs during the clear_inode() function execution when the system encounters inodes with a hard link count of zero. Under normal circumstances, when an inode has zero hard links, the system should truncate all associated page cache pages to prevent data corruption and maintain filesystem integrity. However, the current implementation fails to properly truncate inode pages when the hard link count is zero, leading to a situation where the page count (nrpages) remains greater than zero even after the inode should be fully cleared. This discrepancy triggers a bugon condition, which is a kernel debugging mechanism designed to catch internal inconsistencies and programming errors within the kernel's core subsystems.
The operational impact of this vulnerability extends beyond simple kernel panics or crashes, as it represents a potential pathway for data corruption and filesystem instability. When the bugon condition is triggered, the kernel may either crash completely or enter an inconsistent state where memory management operations become unreliable. This creates a denial of service scenario that can affect the entire system's ability to maintain file integrity and process memory management. The vulnerability particularly affects systems heavily reliant on JFS for storage operations, as the improper handling of inode eviction can propagate through the filesystem and impact other subsystems that depend on consistent inode state management. The issue becomes more pronounced in environments where frequent inode creation and destruction cycles occur, such as high-transaction database servers or systems with intensive file I/O operations.
The vulnerability aligns with CWE-119, which describes weaknesses in memory management and improper handling of resource cleanup operations. From an ATT&CK framework perspective, this represents a privilege escalation vector through kernel exploitation, potentially allowing malicious actors to manipulate the kernel's memory management subsystem to gain elevated privileges or cause system instability. The proper mitigation strategy involves implementing a comprehensive fix that ensures inode page truncation occurs regardless of hard link count during eviction operations. System administrators should prioritize applying the kernel patches that address this specific issue, as the vulnerability cannot be effectively mitigated through configuration changes alone. Additionally, monitoring for kernel bugon messages and implementing robust system logging can help detect potential exploitation attempts, while maintaining up-to-date kernel versions remains the primary defense against such memory management flaws that could be leveraged for more sophisticated attacks.