CVE-2025-71106

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2025-71106
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-71106.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2025-71106
Downstream
Published
2026-01-14T15:05:55.192Z
Modified
2026-02-09T20:27:30.504922Z
Summary
fs: PM: Fix reverse check in filesystems_freeze_callback()
Details

In the Linux kernel, the following vulnerability has been resolved:

fs: PM: Fix reverse check in filesystemsfreezecallback()

The freezeallptr check in filesystemsfreezecallback() introduced by commit a3f8f8662771 ("power: always freeze efivarfs") is reverse which quite confusingly causes all file systems to be frozen when filesystemfreezeenabled is false.

On my systems it causes the WARNONONCE() in __settaskfrozen() to trigger, most likely due to an attempt to freeze a file system that is not ready for that.

Add a logical negation to the check in question to reverse it as appropriate.

Database specific 
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/71xxx/CVE-2025-71106.json"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
a3f8f8662771285511ae26c4c8d3ba1cd22159b9
Fixed
b107196729ff6b9d6cde0a71f49c1243def43328
Fixed
222047f68e8565c558728f792f6fef152a1d4d51

Affected versions

v6.*
v6.18
v6.18-rc2
v6.18-rc3
v6.18-rc4
v6.18-rc5
v6.18-rc6
v6.18-rc7
v6.18.1
v6.18.2

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-71106.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
6.18.0
Fixed
6.18.3

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-71106.json"