CVE-2025-38382
published 2025-07-25CVE-2025-38382: In the Linux kernel, the following vulnerability has been resolved: btrfs: fix iteration of extrefs during log replay At __inode_add_ref() when processing…
medium5.5CVSS 3.1
AVLACLPRLUINSUCNINAH
In the Linux kernel, the following vulnerability has been resolved:
btrfs: fix iteration of extrefs during log replay
At __inode_add_ref() when processing extrefs, if we jump into the next
label we have an undefined value of victim_name.len, since we haven't
initialized it before we did the goto. This results in an invalid memory
access in the next iteration of the loop since victim_name.len was not
initialized to the length of the name of the current extref.
Fix this by initializing victim_name.len with the current extref's name
length.
Affected
30 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | debian_linux | — | — |
| debian | linux | < linux 6.1.147-1 (bookworm) | linux 6.1.147-1 (bookworm) |
| debian | linux-6.1 | < linux 6.1.147-1 (bookworm) | linux 6.1.147-1 (bookworm) |
| linux | linux | — | — |
| linux | linux | >= 1cf474cd474bc5d3ef63086ffd009a87a5b7bb2e < 539969fc472886a1d63565459514d47e27fef461 | 539969fc472886a1d63565459514d47e27fef461 |
| linux | linux | >= 6.1.57 < 6.1.144 | 6.1.144 |
| linux | linux | >= e43eec81c5167b655b72c781b0e75e62a05e415e < 2d11d274e2e1d7c79e2ca8461ce3ff3a95c11171 | 2d11d274e2e1d7c79e2ca8461ce3ff3a95c11171 |
| linux | linux | >= e43eec81c5167b655b72c781b0e75e62a05e415e < 7ac790dc2ba00499a8d671d4a24de4d4ad27e234 | 7ac790dc2ba00499a8d671d4a24de4d4ad27e234 |
| linux | linux | >= e43eec81c5167b655b72c781b0e75e62a05e415e < aee57a0293dca675637e5504709f9f8fd8e871be | aee57a0293dca675637e5504709f9f8fd8e871be |
| linux | linux | >= e43eec81c5167b655b72c781b0e75e62a05e415e < 54a7081ed168b72a8a2d6ef4ba3a1259705a2926 | 54a7081ed168b72a8a2d6ef4ba3a1259705a2926 |
| linux | linux_kernel | — | — |
| linux | linux_kernel | >= 0 < 6.1.147-1 | 6.1.147-1 |
| linux | linux_kernel | >= 0 < 6.12.37-1 | 6.12.37-1 |
| linux | linux_kernel | >= 0 < 6.12.37-1 | 6.12.37-1 |
| linux | linux_kernel | >= 0 < 6.8.0-100.100 | 6.8.0-100.100 |
| linux | linux_kernel | >= 6.1.57 < 6.1.144 | 6.1.144 |
| linux | linux_kernel | >= 6.13 < 6.15.6 | 6.15.6 |
| linux | linux_kernel | >= 6.2 < 6.6.97 | 6.6.97 |
| linux | linux_kernel | >= 6.7 < 6.12.37 | 6.12.37 |
| msrc | azl3_kernel_6.6.96.2-1_on_azure_linux_3.0 | — | — |
| msrc | azl3_kernel_6.6.96.2-2_on_azure_linux_3.0 | — | — |
| ubuntu | linux-aws | — | — |
| ubuntu | linux-aws-6.8 | — | — |
| ubuntu | linux-gkeop | — | — |
| ubuntu | linux-nvidia | — | — |
CVSS provenance
nvdv3.15.5MEDIUMCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
osv5.6MEDIUM