CVE-2025-39792: 
Linux Kernel vulnerability analysis and mitigation

A vulnerability (CVE-2025-39792) was discovered in the Linux kernel related to device mapper (dm) BIO handling for zoned devices. The vulnerability was disclosed on September 12, 2025, affecting the Linux kernel's device mapper subsystem, specifically impacting dm-crypt and dm-flakey target drivers that support zoned devices (NVD).

The vulnerability involves incorrect BIO splitting in zoned DM targets that require zone append emulation. When using block layer zone write plugging, DM target drivers must not split BIOs using dmacceptpartial_bio() as this can lead to deadlocks with queue freeze operations. Additionally, regular write operations used for zone append emulation cannot be split by the target driver as it would result in invalid written sector value returns using the BIO sector (NVD).

The vulnerability could potentially lead to deadlocks with queue freeze operations and invalid sector value returns, affecting the proper functioning of zoned devices in Linux systems using dm-crypt or dm-flakey target drivers (NVD).

The issue has been resolved by modifying the dmzonebioneedssplit() function to use the block layer helper function bioneedszonewriteplugging(). This forces a call to biosplittolimits() in dmsplitandprocessbio(), allowing DM target drivers to avoid using dmacceptpartialbio() for write operations on zoned DM devices (NVD).