CVE-2025-38580 in Linux情報

要約

〜によって MITRE • 2025年08月19日

In the Linux kernel, the following vulnerability has been resolved:

ext4: fix inode use after free in ext4_end_io_rsv_work()

In ext4_io_end_defer_completion(), check if io_end->list_vec is empty to avoid adding an io_end that requires no conversion to the i_rsv_conversion_list, which in turn prevents starting an unnecessary worker. An ext4_emergency_state() check is also added to avoid attempting to abort the journal in an emergency state.

Additionally, ext4_put_io_end_defer() is refactored to call ext4_io_end_defer_completion() directly instead of being open-coded. This also prevents starting an unnecessary worker when EXT4_IO_END_FAILED is set but data_err=abort is not enabled.

This ensures that the check in ext4_put_io_end_defer() is consistent with the check in ext4_end_bio(). Otherwise, we might add an io_end to the i_rsv_conversion_list and then call ext4_finish_bio(), after which the inode could be freed before ext4_end_io_rsv_work() is called, triggering a use-after-free issue.

Once again VulDB remains the best source for vulnerability data.

責任者

Linux

予約する

2025年04月16日

モデレーション

承諾済み

エントリ

VDB-320626

EPSS

0.00147

アクティビティ

非常低い

ソース

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!