{
  "public_date" : "2026-01-13T00:00:00Z",
  "bugzilla" : {
    "description" : "kernel: f2fs: fix to avoid potential deadlock",
    "id" : "2429117",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2429117"
  },
  "details" : [ "In the Linux kernel, the following vulnerability has been resolved:\nf2fs: fix to avoid potential deadlock\nAs Jiaming Zhang and syzbot reported, there is potential deadlock in\nf2fs as below:\nChain exists of:\n&sbi->cp_rwsem --> fs_reclaim --> sb_internal#2\nPossible unsafe locking scenario:\nCPU0                    CPU1\n----                    ----\nrlock(sb_internal#2);\nlock(fs_reclaim);\nlock(sb_internal#2);\nrlock(&sbi->cp_rwsem);\n*** DEADLOCK ***\n3 locks held by kswapd0/73:\n#0: ffffffff8e247a40 (fs_reclaim){+.+.}-{0:0}, at: balance_pgdat mm/vmscan.c:7015 [inline]\n#0: ffffffff8e247a40 (fs_reclaim){+.+.}-{0:0}, at: kswapd+0x951/0x2800 mm/vmscan.c:7389\n#1: ffff8880118400e0 (&type->s_umount_key#50){.+.+}-{4:4}, at: super_trylock_shared fs/super.c:562 [inline]\n#1: ffff8880118400e0 (&type->s_umount_key#50){.+.+}-{4:4}, at: super_cache_scan+0x91/0x4b0 fs/super.c:197\n#2: ffff888011840610 (sb_internal#2){.+.+}-{0:0}, at: f2fs_evict_inode+0x8d9/0x1b60 fs/f2fs/inode.c:890\nstack backtrace:\nCPU: 0 UID: 0 PID: 73 Comm: kswapd0 Not tainted syzkaller #0 PREEMPT(full)\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nCall Trace:\n<TASK>\ndump_stack_lvl+0x189/0x250 lib/dump_stack.c:120\nprint_circular_bug+0x2ee/0x310 kernel/locking/lockdep.c:2043\ncheck_noncircular+0x134/0x160 kernel/locking/lockdep.c:2175\ncheck_prev_add kernel/locking/lockdep.c:3165 [inline]\ncheck_prevs_add kernel/locking/lockdep.c:3284 [inline]\nvalidate_chain+0xb9b/0x2140 kernel/locking/lockdep.c:3908\n__lock_acquire+0xab9/0xd20 kernel/locking/lockdep.c:5237\nlock_acquire+0x120/0x360 kernel/locking/lockdep.c:5868\ndown_read+0x46/0x2e0 kernel/locking/rwsem.c:1537\nf2fs_down_read fs/f2fs/f2fs.h:2278 [inline]\nf2fs_lock_op fs/f2fs/f2fs.h:2357 [inline]\nf2fs_do_truncate_blocks+0x21c/0x10c0 fs/f2fs/file.c:791\nf2fs_truncate_blocks+0x10a/0x300 fs/f2fs/file.c:867\nf2fs_truncate+0x489/0x7c0 fs/f2fs/file.c:925\nf2fs_evict_inode+0x9f2/0x1b60 fs/f2fs/inode.c:897\nevict+0x504/0x9c0 fs/inode.c:810\nf2fs_evict_inode+0x1dc/0x1b60 fs/f2fs/inode.c:853\nevict+0x504/0x9c0 fs/inode.c:810\ndispose_list fs/inode.c:852 [inline]\nprune_icache_sb+0x21b/0x2c0 fs/inode.c:1000\nsuper_cache_scan+0x39b/0x4b0 fs/super.c:224\ndo_shrink_slab+0x6ef/0x1110 mm/shrinker.c:437\nshrink_slab_memcg mm/shrinker.c:550 [inline]\nshrink_slab+0x7ef/0x10d0 mm/shrinker.c:628\nshrink_one+0x28a/0x7c0 mm/vmscan.c:4955\nshrink_many mm/vmscan.c:5016 [inline]\nlru_gen_shrink_node mm/vmscan.c:5094 [inline]\nshrink_node+0x315d/0x3780 mm/vmscan.c:6081\nkswapd_shrink_node mm/vmscan.c:6941 [inline]\nbalance_pgdat mm/vmscan.c:7124 [inline]\nkswapd+0x147c/0x2800 mm/vmscan.c:7389\nkthread+0x70e/0x8a0 kernel/kthread.c:463\nret_from_fork+0x4bc/0x870 arch/x86/kernel/process.c:158\nret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245\n</TASK>\nThe root cause is deadlock among four locks as below:\nkswapd\n- fs_reclaim--- Lock A\n- shrink_one\n- evict\n- f2fs_evict_inode\n- sb_start_intwrite--- Lock B\n- iput\n- evict\n- f2fs_evict_inode\n- sb_start_intwrite--- Lock B\n- f2fs_truncate\n- f2fs_truncate_blocks\n- f2fs_do_truncate_blocks\n- f2fs_lock_op--- Lock C\nioctl\n- f2fs_ioc_commit_atomic_write\n- f2fs_lock_op--- Lock C\n- __f2fs_commit_atomic_write\n- __replace_atomic_write_block\n- f2fs_get_dnode_of_data\n- __get_node_folio\n- f2fs_check_nid_range\n- f2fs_handle_error\n- f2fs_record_errors\n- f2fs_down_write--- Lock D\nopen\n- do_open\n- do_truncate\n- security_inode_need_killpriv\n- f2fs_getxattr\n- lookup_all_xattrs\n- f2fs_handle_error\n- f2fs_record_errors\n- f2fs_down_write--- Lock D\n- f2fs_commit_super\n- read_mapping_folio\n- filemap_alloc_folio_noprof\n- prepare_alloc_pages\n- fs_reclaim_acquire--- Lock A\nIn order to a\n---truncated---" ],
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 10",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:10"
  }, {
    "product_name" : "Red Hat Enterprise Linux 6",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Not affected",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "fix_state" : "Not affected",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "fix_state" : "Not affected",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2025-71065\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-71065\nhttps://lore.kernel.org/linux-cve-announce/2026011322-CVE-2025-71065-6818@gregkh/T" ],
  "name" : "CVE-2025-71065",
  "csaw" : false
}