CVE-2025-37839

jbd2: remove wrong sb->s_sequence check

Description

In the Linux kernel, the following vulnerability has been resolved: jbd2: remove wrong sb->s_sequence check Journal emptiness is not determined by sb->s_sequence == 0 but rather by sb->s_start == 0 (which is set a few lines above). Furthermore 0 is a valid transaction ID so the check can spuriously trigger. Remove the invalid WARN_ON.

N/A
CVSS
Severity:
EPSS 0.04%
Affected: Linux Linux
Affected: Linux Linux
Published at:
Updated at:

References

Link Tags
https://git.kernel.org/stable/c/cf30432f5b3064ff85d85639c2f0106f89c566f6
https://git.kernel.org/stable/c/b479839525fe7906966cdc4b5b2afbca048558a1
https://git.kernel.org/stable/c/ad926f735b4d4f10768fec7d080cadeb6d075cac
https://git.kernel.org/stable/c/3b4643ffaf72d7a5a357e9bf68b1775f8cfe7e77
https://git.kernel.org/stable/c/c88f7328bb0fff66520fc9164f02b1d06e083c1b
https://git.kernel.org/stable/c/9eaec071f111cd2124ce9a5b93536d3f6837d457
https://git.kernel.org/stable/c/c98eb9ffb1d9c98237b5e1668eee17654e129fb0
https://git.kernel.org/stable/c/b0cca357f85beb6144ab60c62dcc98508cc044bf
https://git.kernel.org/stable/c/e6eff39dd0fe4190c6146069cc16d160e71d1148

Frequently Asked Questions

What is the severity of CVE-2025-37839?
CVE-2025-37839 has not yet been assigned a CVSS score.
How to fix CVE-2025-37839?
To fix CVE-2025-37839, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2025-37839 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2025-37839 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2025-37839?
CVE-2025-37839 affects Linux Linux, Linux Linux.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.