HOMEVULNERABILITIESCVE-2025-71237
NONE

CVE-2025-71237

Published: February 18, 2026· Updated: Feb 23, 2026

EPSS:0.02%probability of exploitation in 30 daysPercentile:4.2th

Official Description

In the Linux kernel, the following vulnerability has been resolved:

nilfs2: Fix potential block overflow that cause system hang

When a user executes the FITRIM command, an underflow can occur when

calculating nblocks if end_block is too small. Since nblocks is of

type sector_t, which is u64, a negative nblocks value will become a

very large positive integer. This ultimately leads to the block layer

function __blkdev_issue_discard() taking an excessively long time to

process the bio chain, and the ns_segctor_sem lock remains held for a

long period. This prevents other tasks from acquiring the ns_segctor_sem

lock, resulting in the hang reported by syzbot in [1].

If the ending block is too small, typically if it is smaller than 4KiB

range, depending on the usage of the segment 0, it may be possible to

attempt a discard request beyond the device size causing the hang.

Exiting successfully and assign the discarded size (0 in this case)

to range->len.

Although the start and len values in the user input range are too small,

a conservative strategy is adopted here to safely ignore them, which is

equivalent to a no-op; it will not perform any trimming and will not

throw an error.

[1]

task:segctord state:D stack:28968 pid:6093 tgid:6093 ppid:2 task_flags:0x200040 flags:0x00080000

Call Trace:

rwbase_write_lock+0x3dd/0x750 kernel/locking/rwbase_rt.c:272

nilfs_transaction_lock+0x253/0x4c0 fs/nilfs2/segment.c:357

nilfs_segctor_thread_construct fs/nilfs2/segment.c:2569 [inline]

nilfs_segctor_thread+0x6ec/0xe00 fs/nilfs2/segment.c:2684

[ryusuke: corrected part of the commit message about the consequences]

NVD Source

Technical Analysis

CVE-2025-71237 requires local access, meaning attackers must already have a foothold on the target system.

Exploitation requires some privileges, which limits the exposure to scenarios where an attacker has already gained initial access.

Affected Vendors & Products

Mentioned vendors (from description):
Linux
CPE data not yet available in NVD for this CVE.

Exploit & PoC Resources

NO KNOWN EXPLOITNo public exploit confirmed at this time
External links open in a new tab. Always verify in a controlled environment before use.

All References (8)

Quick Facts

CVE IDCVE-2025-71237
SeverityNONE
CISA KEVNo
EPSS (30d)0.02%
PublishedFeb 18, 2026

Recommended Actions

  • Apply vendor patches immediately
  • Monitor CVE-2025-71237 in threat intel feeds
  • Review IDS/IPS signatures for exploitation attempts
Data sourced from NVD (NIST), CISA KEV, and EPSS (FIRST). Analysis generated by CTIWATCH.COM. CVE data is provided under the NVD usage policy.