CVE-2025-38306

MEDIUM EPSS 1.3%
Published Jul 10, 202511mo ago · Modified Jun 17, 20261w ago
4.7 CVSS 3.1
Medium
Find Similar
Published Jul 10, 2025 11mo ago
Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: fs/fhandle.c: fix a race in call of has_locked_children() may_decode_fh() is calling has_locked_children() while holding no locks. That's an oopsable race... The rest of the callers are safe since they are holding namespace_sem and are guaranteed a positive refcount on the mount in question. Rename the current has_locked_children() to __has_locked_children(), make it static and switch the fs/namespace.c users to it. Make has_locked_children() a wrapper for __has_locked_children(), calling the latter under read_seqlock_excl(&mount_lock).

CVSS Details

Base Score
4.7
Exploitability
1.0
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity High
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
1.3% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-362

Affected Products 2

VendorProductVersionRange
linuxlinux_kernel*≥6.11  –  <6.12.46
linuxlinux_kernel*≥6.13  –  <6.15.3

References 3

  • git.kernel.org https://git.kernel.org/stable/c/1f282cdc1d219c4a557f7009e81bc792820d9d9a
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/287c7d34eedd37af1272dfb3b6e8656f4f026424
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/6482c3dccbfb8d20e2856ce67c75856859930b3f
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/1f282cdc1d219c4a557f7009e81bc792820d9d9a
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/287c7d34eedd37af1272dfb3b6e8656f4f026424
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/6482c3dccbfb8d20e2856ce67c75856859930b3f
    Patch