CVE-2025-38615

MEDIUM EPSS 4.1%
Published Aug 19, 202510mo ago · Modified Jun 17, 20261w ago
5.5 CVSS 3.1
Medium
Find Similar
Published Aug 19, 2025 10mo ago
Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: cancle set bad inode after removing name fails The reproducer uses a file0 on a ntfs3 file system with a corrupted i_link. When renaming, the file0's inode is marked as a bad inode because the file name cannot be deleted. The underlying bug is that make_bad_inode() is called on a live inode. In some cases it's "icache lookup finds a normal inode, d_splice_alias() is called to attach it to dentry, while another thread decides to call make_bad_inode() on it - that would evict it from icache, but we'd already found it there earlier". In some it's outright "we have an inode attached to dentry - that's how we got it in the first place; let's call make_bad_inode() on it just for shits and giggles".

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
4.1% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Affected Products 4

VendorProductVersionRange
linuxlinux_kernel*≥5.15  –  <6.6.102
linuxlinux_kernel*≥6.7  –  <6.12.42
linuxlinux_kernel*≥6.13  –  <6.15.10
linuxlinux_kernel*≥6.16  –  <6.16.1

References 5

  • git.kernel.org https://git.kernel.org/stable/c/358d4f821c03add421a4c49290538a705852ccf1
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/3ed2cc6a6e93fbeb8c0cafce1e7fb1f64a331dcc
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/a285395020780adac1ffbc844069c3d700bf007a
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/b35a50d639ca5259466ef5fea85529bb4fb17d5b
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/d99208b91933fd2a58ed9ed321af07dacd06ddc3
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/358d4f821c03add421a4c49290538a705852ccf1
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/3ed2cc6a6e93fbeb8c0cafce1e7fb1f64a331dcc
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/a285395020780adac1ffbc844069c3d700bf007a
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/b35a50d639ca5259466ef5fea85529bb4fb17d5b
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/d99208b91933fd2a58ed9ed321af07dacd06ddc3
    Patch