CVE-2025-38498Linux vulnerability

39 documents8 sources
Severity
5.5MEDIUMNVD
EPSS
0.0%
top 89.55%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedJul 30
Latest updateDec 3

Description

In the Linux kernel, the following vulnerability has been resolved: do_change_type(): refuse to operate on unmounted/not ours mounts Ensure that propagation settings can only be changed for mounts located in the caller's mount namespace. This change aligns permission checking with the rest of mount(2).

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages4 packages

NVDlinux/linux_kernel2.6.155.4.295+6
Debianlinux/linux_kernel< 5.10.244-1+3
Ubuntulinux/linux_kernel< 5.15.0-156.166
CVEListV5linux/linux07b20889e3052c7e77d6a6a54e7e83446eb1ba84787937c4e373f1722c4343e5a5a4eb0f8543e589+8

Also affects: Debian Linux 11.0

Patches

Patch: git.kernel.orgPatch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

19
OSV
linux, linux-aws, linux-aws-5.15, linux-gcp, linux-gcp-5.15, linux-gke, linux-gkeop, linux-hwe-5.15, linux-ibm, linux-ibm-5.15, linux-intel-iotg, linux-intel-iotg-5.15, linux-lowlatency, linux-lowlate2025-12-03
OSV
linux, linux-aws, linux-gcp, linux-gcp-6.14, linux-oracle, linux-realtime vulnerabilities2025-12-03
OSV
linux-raspi vulnerabilities2025-10-08
OSV
linux-nvidia-tegra-igx vulnerabilities2025-10-06
OSV
linux-kvm vulnerabilities2025-10-01

📋Vendor Advisories

19
Ubuntu
Linux kernel (Raspberry Pi) vulnerabilities2025-10-08
Ubuntu
Linux kernel (NVIDIA Tegra IGX) vulnerabilities2025-10-06
Ubuntu
Linux kernel (KVM) vulnerabilities2025-10-01
Ubuntu
Linux kernel (Azure) vulnerabilities2025-10-01
Ubuntu
Linux kernel (Oracle) vulnerabilities2025-10-01
CVE-2025-38498 — Linux vulnerability | cvebase