Vulnerabilities

CVE-2025-71161 - dm-verity: disable recursive forward error correction

2026-01-23 0 views admin

CVE ID : CVE-2025-71161 Published : Jan. 23, 2026, 3:23 p.m. | 1 hour, 6 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: dm-verity: disable recursive forward error correction There are two problems with the recursive correction: 1. It may cause denial-of-service. In fec_read_bufs, there is a loop that has 253 iterations. For each iteration, we may call verity_hash_for_block recursively. There is a limit of 4 nested recursions - that means that there may be at most 253^4 (4 billion) iterations. Red Hat QE team actually created an image that pushes dm-verity to this limit - and this image just makes the udev-worker process get stuck in the 'D' state. 2. It doesn't work. In fec_read_bufs we store data into the variable

CVE Details

CVE ID

CVE-2025-71161

Published

Jan. 23, 2026

Affected Product: Linux

🏷️ Tags

cvevulnerabilitysecuritycybersecuritycve-2025-71161linux

CVE-2025-71161 - dm-verity: disable recursive forward error correction

CVE Details

🏷️ Tags

More from Vulnerabilities

CVE-2025-15510 - NEX-Forms – Ultimate Forms Plugin for WordPress <= 9.1.8 - missing authorization...

CVE-2020-37031 - Simple Startup Manager 1.17 - 'File' Local Buffer Overflow

CVE-2020-37029 - FTPDummy 4.80 - Local Buffer Overflow

CVE-2020-37042 - Frigate Professional 3.36.0.9 - 'Find Computer' Local Buffer Overflow

Trending

Tech: Go-legacy-winxp: Compile Golang 1.24 code for Windows XP

Tech: Data is the only moat

Tech: Pocket TTS: A high quality TTS that gives your CPU a voice

Tech: AWS European Sovereign Cloud

Tech: JuiceFS is a distributed POSIX file system built on top of Redis and S3