Linux kernel HFS sb->s_fs_info memory leak via superblock init
CVE-2025-71230 Published on February 18, 2026
hfs: ensure sb->s_fs_info is always cleaned up
In the Linux kernel, the following vulnerability has been resolved:
hfs: ensure sb->s_fs_info is always cleaned up
When hfs was converted to the new mount api a bug was introduced by
changing the allocation pattern of sb->s_fs_info. If setup_bdev_super()
fails after a new superblock has been allocated by sget_fc(), but before
hfs_fill_super() takes ownership of the filesystem-specific s_fs_info
data it was leaked.
Fix this by freeing sb->s_fs_info in hfs_kill_super().
Products Associated with CVE-2025-71230
You can be notified by email with stack.watch whenever vulnerabilities like CVE-2025-71230 are published in Linux Kernel:
Affected Versions
Linux:- Version ffcd06b6d13b72823aba0d7c871f7e4876e7916b and below 46c1d56ad321fb024761abd9af61a0cb616cf2f6 is affected.
- Version ffcd06b6d13b72823aba0d7c871f7e4876e7916b and below 399219831514126bc9541e8eadefe02c6fbd9166 is affected.
- Version ffcd06b6d13b72823aba0d7c871f7e4876e7916b and below 05ce49a902be15dc93854cbfc20161205a9ee446 is affected.
- Version 6.13 is affected.
- Before 6.13 is unaffected.
- Version 6.18.11, <= 6.18.* is unaffected.
- Version 6.19.1, <= 6.19.* is unaffected.
- Version 7.0-rc1, <= * is unaffected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.