CVE-2025-40054 | Linux Kernel up to 6.17.2 f2fs f2fs_merge_page_bio use after free

October 28, 2025 Yanac

A vulnerability, which was classified as critical, was found in Linux Kernel up to 6.17.2. The affected element is the function f2fs_merge_page_bio of the component f2fs. Such manipulation leads to use after free.

This vulnerability is listed as CVE-2025-40054. The attack must be carried out from within the local network. There is no available exploit.

You should upgrade the affected component.VulDB Recent EntriesRead More