CVE-2025-40179
In the Linux kernel, the following vulnerability has been resolved: ext4: verify orphan file size is not too big In principle orphan file can be arbitrarily large. However orphan replay needs to traverse it all and we also pin all its buffers in memory. Thus filesystems with absurdly large orphan files can lead to big amounts of memory consumed. Limit orphan file size to a sane value and also use kvmalloc() for allocating array of block descriptor structures to avoid large order allocations for sane but large orphan files.
Affected versions
Linux kernel versions
5.15
and later are affected. Fixed in
5.15.195,
6.1.157,
6.6.113,
6.12.54,
6.17.4,
6.18
and their respective stable series.
References
The following references provide additional information about CVE-2025-40179 including vendor advisories, patch commits, exploit details, and third-party analysis. Links are sourced from the NIST NVD database.
-
PatchKernel patch commithttps://git.kernel.org/stable/c/0a6ce20c156442a4ce2a404747bb0fb05d54eeb3
-
PatchKernel patch commithttps://git.kernel.org/stable/c/2b9da798ff0f4d026c5f0f815047393ebe7d8859
-
PatchKernel patch commithttps://git.kernel.org/stable/c/304fc34ff6fc8261138fd81f119e024ac3a129e9
Frequently asked questions
-
What is CVE-2025-40179?
CVE-2025-40179 is a unscored severity Linux kernel vulnerability . It affects Linux kernel versions from 5.15 onward and has been patched in 5.15.195, 6.1.157, 6.6.113 and others. CVE-2025-40179 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.
-
Is there a patch available for CVE-2025-40179?
Yes — CVE-2025-40179 has been patched. Fixed versions include 5.15.195, 6.1.157, 6.6.113 and others. If you are running Linux kernel 5.15 or later up to the fix versions, apply the relevant patch for your kernel branch.
-
Is CVE-2025-40179 actively exploited?
No — CVE-2025-40179 has not been confirmed as actively exploited. It is not listed in the CISA Known Exploited Vulnerabilities (KEV) catalog.