CVE-2025-71271

MEDIUM

hfsplus: ensure sb->s_fs_info is always cleaned up

Title source: cna

Description

In the Linux kernel, the following vulnerability has been resolved: hfsplus: ensure sb->s_fs_info is always cleaned up When hfsplus was converted to the new mount api a bug was introduced by changing the allocation pattern of sb->s_fs_info. If setup_bdev_super() fails after a new superblock has been allocated by sget_fc(), but before hfsplus_fill_super() takes ownership of the filesystem-specific s_fs_info data it was leaked. Fix this by freeing sb->s_fs_info in hfsplus_kill_super().

References (3)

Core 3

Core References

https://git.kernel.org/stable/c/0bcfebb83b5460d5be4e5c9dfb19cdaf3d4cb1db

https://git.kernel.org/stable/c/1e38d32bb04d85a2c81204a85a34878a497128c8

https://git.kernel.org/stable/c/126fb0ce99431126b44a6c360192668c818f641f

Scores

CVSS v3 5.5

EPSS 0.0001

EPSS Percentile 2.2%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Details

Status published

Products (9)

Linux/Linux < 6.13

Linux/Linux 432f7c78cb000a3151fa0d39585b000312f50d7e - 0bcfebb83b5460d5be4e5c9dfb19cdaf3d4cb1db

Linux/Linux 432f7c78cb000a3151fa0d39585b000312f50d7e - 126fb0ce99431126b44a6c360192668c818f641f

Linux/Linux 432f7c78cb000a3151fa0d39585b000312f50d7e - 1e38d32bb04d85a2c81204a85a34878a497128c8

Linux/Linux 6.13

Linux/Linux 6.18.16 - 6.18.*

Linux/Linux 6.19.6 - 6.19.*

Linux/Linux 7.0

linux/linux_kernel 6.13 - 6.18.16

Published May 06, 2026

Tracked Since May 06, 2026