{"id":"CVE-2025-22120","summary":"ext4: goto right label 'out_mmap_sem' in ext4_setattr()","details":"In the Linux kernel, the following vulnerability has been resolved:\n\next4: goto right label 'out_mmap_sem' in ext4_setattr()\n\nOtherwise, if ext4_inode_attach_jinode() fails, a hung task will\nhappen because filemap_invalidate_unlock() isn't called to unlock\nmapping-\u003einvalidate_lock. Like this:\n\nEXT4-fs error (device sda) in ext4_setattr:5557: Out of memory\nINFO: task fsstress:374 blocked for more than 122 seconds.\n      Not tainted 6.14.0-rc1-next-20250206-xfstests-dirty #726\n\"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\ntask:fsstress state:D stack:0     pid:374   tgid:374   ppid:373\n                                  task_flags:0x440140 flags:0x00000000\nCall Trace:\n \u003cTASK\u003e\n __schedule+0x2c9/0x7f0\n schedule+0x27/0xa0\n schedule_preempt_disabled+0x15/0x30\n rwsem_down_read_slowpath+0x278/0x4c0\n down_read+0x59/0xb0\n page_cache_ra_unbounded+0x65/0x1b0\n filemap_get_pages+0x124/0x3e0\n filemap_read+0x114/0x3d0\n vfs_read+0x297/0x360\n ksys_read+0x6c/0xe0\n do_syscall_64+0x4b/0x110\n entry_SYSCALL_64_after_hwframe+0x76/0x7e","modified":"2026-05-18T05:56:15.109692188Z","published":"2025-04-16T14:13:05.289Z","related":["SUSE-SU-2025:02249-1","SUSE-SU-2025:02254-1","SUSE-SU-2025:02307-1","SUSE-SU-2025:02333-1","SUSE-SU-2025:02335-1","SUSE-SU-2025:02538-1","SUSE-SU-2025:02923-1","SUSE-SU-2025:20475-1","SUSE-SU-2025:20483-1","SUSE-SU-2025:20493-1","SUSE-SU-2025:20498-1"],"database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/22xxx/CVE-2025-22120.json","cna_assigner":"Linux"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/32d872e3905746ff1048078256cb00f946b97d8a"},{"type":"WEB","url":"https://git.kernel.org/stable/c/45314999f950321a341033ae8f9ac12dce40669b"},{"type":"WEB","url":"https://git.kernel.org/stable/c/551667f99bcf04fa58594d7d19aef73c861a1200"},{"type":"WEB","url":"https://git.kernel.org/stable/c/7e91ae31e2d264155dfd102101afc2de7bd74a64"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/22xxx/CVE-2025-22120.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-22120"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"93011887013dbaa0e3a0285176ca89be153df651"},{"fixed":"551667f99bcf04fa58594d7d19aef73c861a1200"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"b6ce2dbe984bcd7fb0c1df15b5e2fa57e1574a8e"},{"fixed":"45314999f950321a341033ae8f9ac12dce40669b"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"c7fc0366c65628fd69bfc310affec4918199aae2"},{"fixed":"32d872e3905746ff1048078256cb00f946b97d8a"},{"fixed":"7e91ae31e2d264155dfd102101afc2de7bd74a64"}]}],"versions":["v6.6.88","v6.6.87","v6.6.86","v6.6.85","v6.6.84","v6.6.83","v6.6.82","v6.6.81","v6.6.80","v6.6.79","v6.6.78","v6.6.77","v6.6.76","v6.6.75","v6.6.74","v6.6.73","v6.6.72","v6.6.71","v6.6.70","v6.12.25","v6.12.24","v6.12.23","v6.12.22","v6.12.21","v6.12.20","v6.12.19","v6.12.18","v6.12.17","v6.12.16","v6.12.15","v6.12.14","v6.12.13","v6.12.12","v6.12.11","v6.12.10","v6.12.9","v6.12.8","v6.12.7","v6.12.6","v6.12.5"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-22120.json"}},{"package":{"name":"Kernel","ecosystem":"Linux"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"6.6.89"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.7.0"},{"fixed":"6.12.26"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.13.0"},{"fixed":"6.14.2"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-22120.json"}}],"schema_version":"1.7.5"}