VYPR
Medium severity5.5NVD Advisory· Published Sep 19, 2025· Updated May 12, 2026

CVE-2025-39842

CVE-2025-39842

Description

In the Linux kernel, the following vulnerability has been resolved:

ocfs2: prevent release journal inode after journal shutdown

Before calling ocfs2_delete_osb(), ocfs2_journal_shutdown() has already been executed in ocfs2_dismount_volume(), so osb->journal must be NULL. Therefore, the following calltrace will inevitably fail when it reaches jbd2_journal_release_jbd_inode().

ocfs2_dismount_volume()-> ocfs2_delete_osb()-> ocfs2_free_slot_info()-> __ocfs2_free_slot_info()-> evict()-> ocfs2_evict_inode()-> ocfs2_clear_inode()-> jbd2_journal_release_jbd_inode(osb->journal->j_journal,

Adding osb->journal checks will prevent null-ptr-deref during the above execution path.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

117

Patches

Vulnerability mechanics

References

7

News mentions

1