1. Home
  2. Vulnerabilities
  3. CVE-2025-40361
0.0
NA
CVE-2025-40361
fs: ext4: change GFP_KERNEL to GFP_NOFS to avoid deadlock
Description

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

INFO

Published Date :

Dec. 16, 2025, 2:15 p.m.

Last Modified :

Jan. 9, 2026, 11:15 a.m.

Remotely Exploit :

No

Source :

416baaa9-dc9f-4396-8d5f-8c081fb06d67
Affected Products

The following products are affected by CVE-2025-40361 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

ID Vendor Product Action
1 Linux linux_kernel
: Total Affected Vendor : 1 | Products : 1
Solution
Update the Linux kernel to fix a deadlock issue in the ext4 filesystem.
  • Apply the latest Linux kernel updates.
  • Ensure the ext4 filesystem uses GFP_NOFS flags.
  • Rebuild and deploy the updated kernel.

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2025-40361 vulnerability anywhere in the article.

Results are limited to the first 20 news articles due to potential performance issues.

The following table lists the changes that have been made to the CVE-2025-40361 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

  • CVE Rejected by 416baaa9-dc9f-4396-8d5f-8c081fb06d67

    Jan. 09, 2026

    Action Type Old Value New Value
  • CVE Modified by 416baaa9-dc9f-4396-8d5f-8c081fb06d67

    Jan. 09, 2026

    Action Type Old Value New Value
    Changed Description In the Linux kernel, the following vulnerability has been resolved: fs: ext4: change GFP_KERNEL to GFP_NOFS to avoid deadlock The parent function ext4_xattr_inode_lookup_create already uses GFP_NOFS for memory alloction, so the function ext4_xattr_inode_cache_find should use same gfp_flag. Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
    Removed Reference kernel.org: https://git.kernel.org/stable/c/009127b0fc013aed193961686c28c2b541a5b2f3
    Removed Reference kernel.org: https://git.kernel.org/stable/c/1534f72dc2a11ded38b0e0268fbcc0ca24e9fd4a
    Removed Reference kernel.org: https://git.kernel.org/stable/c/199ab7b43c5ef7d384f6a08e786e107b3509acda
    Removed Reference kernel.org: https://git.kernel.org/stable/c/238f7a7356c33a9797a6297c6fdfd87f113b2325
    Removed Reference kernel.org: https://git.kernel.org/stable/c/5e6b27f4e68682aa3db9f83ca04adef89903159b
    Removed Reference kernel.org: https://git.kernel.org/stable/c/add8458cac0b33a5e7a6b98457b38baea9600859
    Removed Reference kernel.org: https://git.kernel.org/stable/c/bb7d0d13c6e1f061464d1c425b08348a4e0c235d
  • New CVE Received by 416baaa9-dc9f-4396-8d5f-8c081fb06d67

    Dec. 16, 2025

    Action Type Old Value New Value
    Added Description In the Linux kernel, the following vulnerability has been resolved: fs: ext4: change GFP_KERNEL to GFP_NOFS to avoid deadlock The parent function ext4_xattr_inode_lookup_create already uses GFP_NOFS for memory alloction, so the function ext4_xattr_inode_cache_find should use same gfp_flag.
    Added Reference https://git.kernel.org/stable/c/009127b0fc013aed193961686c28c2b541a5b2f3
    Added Reference https://git.kernel.org/stable/c/1534f72dc2a11ded38b0e0268fbcc0ca24e9fd4a
    Added Reference https://git.kernel.org/stable/c/199ab7b43c5ef7d384f6a08e786e107b3509acda
    Added Reference https://git.kernel.org/stable/c/238f7a7356c33a9797a6297c6fdfd87f113b2325
    Added Reference https://git.kernel.org/stable/c/5e6b27f4e68682aa3db9f83ca04adef89903159b
    Added Reference https://git.kernel.org/stable/c/add8458cac0b33a5e7a6b98457b38baea9600859
    Added Reference https://git.kernel.org/stable/c/bb7d0d13c6e1f061464d1c425b08348a4e0c235d
EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days. Following chart shows the EPSS score history of the vulnerability.
Vulnerability Scoring Details
No CVSS metrics available for this vulnerability.