CVE-2025-39743
Description
In the Linux kernel, the following vulnerability has been resolved:
jfs: truncate good inode pages when hard link is 0
The fileset value of the inode copy from the disk by the reproducer is AGGR_RESERVED_I. When executing evict, its hard link number is 0, so its inode pages are not truncated. This causes the bugon to be triggered when executing clear_inode() because nrpages is greater than 0.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
In JFS, when an inode's hard link count is 0, its pages are not truncated, leading to a BUG_ON in clear_inode().
Vulnerability
Overview
A vulnerability in the Linux kernel's JFS filesystem occurs when an inode with a hard link count of 0 is evicted. The fileset value of the inode, read from disk, is AGGR_RESERVED_I. During eviction, because the hard link count is 0, the inode's pages are not truncated. This leaves nrpages greater than 0, which triggers a BUG_ON assertion in clear_inode(), causing a kernel panic [1].
Exploitation
An attacker who can mount a corrupted JFS filesystem or trigger a scenario where an inode's hard link count becomes 0 without proper page truncation can cause a denial of service. No special privileges are required beyond the ability to access the filesystem. The attack is local, as it involves mounting a crafted filesystem image.
Impact
Successful exploitation results in a kernel panic, leading to a denial of service (system crash). The vulnerability is classified as high severity with a CVSS v3 score of 7.8, reflecting the potential for complete system unavailability.
Mitigation
Patches have been applied to the Linux kernel stable branches [2][3][4]. Users should update to the latest kernel versions containing the fix. Affected products include SIMATIC CN 4100 versions prior to V5.0, where this CVE is listed among others [1].
AI Insight generated on May 19, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- Linux/Linuxv5Range: 2.6.14
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
12- git.kernel.org/stable/c/1bb5cdc3e39f0c2b311fcb631258b7e60d3fb0d3nvdPatch
- git.kernel.org/stable/c/2b1d5ca395a5fb170c3f885cd42c16179f7f54ecnvdPatch
- git.kernel.org/stable/c/2d91b3765cd05016335cd5df5e5c6a29708ec058nvdPatch
- git.kernel.org/stable/c/34d8e982bac48bdcca7524644a8825a580edce74nvdPatch
- git.kernel.org/stable/c/5845b926c561b8333cd65169526eec357d7bb449nvdPatch
- git.kernel.org/stable/c/89fff8e3d6710fc32507b8e19eb5afa9fb79b896nvdPatch
- git.kernel.org/stable/c/8ed7275910fb7177012619864e04d3008763f3eanvdPatch
- git.kernel.org/stable/c/b5b471820c33365a8ccd2d463578bf4e47056c2cnvdPatch
- git.kernel.org/stable/c/df3fd8daf278eca365f221749ae5b728e8382a04nvdPatch
- lists.debian.org/debian-lts-announce/2025/10/msg00007.htmlnvdMailing ListThird Party Advisory
- lists.debian.org/debian-lts-announce/2025/10/msg00008.htmlnvdMailing ListThird Party Advisory
- cert-portal.siemens.com/productcert/html/ssa-032379.htmlnvd
News mentions
1- Siemens SIMATICCISA ICS Advisories