You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
cve 2025 39731
About this tag
CVE-2025-39731 is a vulnerability in the F2FS (Flash-Friendly File System) subsystem, primarily affecting Azure Linux. Microsoft has publicly confirmed that Azure Linux includes the vulnerable open-source library and is potentially affected. However, this confirmation is scoped to Azure Linux only; other Microsoft products or images that ship the F2FS subsystem may also be vulnerable but have not been explicitly confirmed. Operators are advised to verify their own inventories and treat any Microsoft image or kernel containing F2FS as potentially affected until proven otherwise. The discussion on WindowsForum.com focuses on the scope of the vulnerability and the need for thorough patch verification across all Microsoft artifacts.
Microsoft’s brief public attestation that “Azure Linux includes this open‑source library and is therefore potentially affected” is correct — but it is a scoped, product‑level inventory statement, not a categorical guarantee that no other Microsoft product or image could include the same...