CVE-2025-38498
published 2025-07-30CVE-2025-38498: In the Linux kernel, the following vulnerability has been resolved: do_change_type(): refuse to operate on unmounted/not ours mounts Ensure that propagation…
medium5.5CVSS 3.1
AVLACLPRLUINSUCNINAH
In the Linux kernel, the following vulnerability has been resolved:
do_change_type(): refuse to operate on unmounted/not ours mounts
Ensure that propagation settings can only be changed for mounts located
in the caller's mount namespace. This change aligns permission checking
with the rest of mount(2).
Affected
26 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | debian_linux | — | — |
| debian | linux | < linux 6.1.147-1 (bookworm) | linux 6.1.147-1 (bookworm) |
| debian | linux-6.1 | < linux 6.1.147-1 (bookworm) | linux 6.1.147-1 (bookworm) |
| linux | linux | — | — |
| linux | linux | >= 07b20889e3052c7e77d6a6a54e7e83446eb1ba84 < 787937c4e373f1722c4343e5a5a4eb0f8543e589 | 787937c4e373f1722c4343e5a5a4eb0f8543e589 |
| linux | linux | >= 07b20889e3052c7e77d6a6a54e7e83446eb1ba84 < c7d11fdf8e5db5f34a6c062c7e6ba3a0971879d2 | c7d11fdf8e5db5f34a6c062c7e6ba3a0971879d2 |
| linux | linux | >= 07b20889e3052c7e77d6a6a54e7e83446eb1ba84 < 432a171d60056489270c462e651e6c3a13f855b1 | 432a171d60056489270c462e651e6c3a13f855b1 |
| linux | linux | >= 07b20889e3052c7e77d6a6a54e7e83446eb1ba84 < 064014f7812744451d5d0592f3d2bcd727f2ee93 | 064014f7812744451d5d0592f3d2bcd727f2ee93 |
| linux | linux | >= 07b20889e3052c7e77d6a6a54e7e83446eb1ba84 < 4f091ad0862b02dc42a19a120b7048de848561f8 | 4f091ad0862b02dc42a19a120b7048de848561f8 |
| linux | linux | >= 07b20889e3052c7e77d6a6a54e7e83446eb1ba84 < 9c1ddfeb662b668fff69c5f1cfdd9f5d23d55d23 | 9c1ddfeb662b668fff69c5f1cfdd9f5d23d55d23 |
| linux | linux | >= 07b20889e3052c7e77d6a6a54e7e83446eb1ba84 < 19554c79a2095ddde850906a067915c1ef3a4114 | 19554c79a2095ddde850906a067915c1ef3a4114 |
| linux | linux | >= 07b20889e3052c7e77d6a6a54e7e83446eb1ba84 < 12f147ddd6de7382dad54812e65f3f08d05809fc | 12f147ddd6de7382dad54812e65f3f08d05809fc |
| linux | linux_kernel | >= 0 < 5.10.244-1 | 5.10.244-1 |
| linux | linux_kernel | >= 0 < 6.1.147-1 | 6.1.147-1 |
| linux | linux_kernel | >= 0 < 6.12.35-1 | 6.12.35-1 |
| linux | linux_kernel | >= 0 < 6.12.35-1 | 6.12.35-1 |
| linux | linux_kernel | >= 0 < 5.15.0-156.166 | 5.15.0-156.166 |
| linux | linux_kernel | >= 2.6.15 < 5.4.295 | 5.4.295 |
| linux | linux_kernel | >= 5.11 < 5.15.186 | 5.15.186 |
| linux | linux_kernel | >= 5.16 < 6.1.142 | 6.1.142 |
| linux | linux_kernel | >= 5.5 < 5.10.239 | 5.10.239 |
| linux | linux_kernel | >= 6.13 < 6.15.3 | 6.15.3 |
| linux | linux_kernel | >= 6.2 < 6.6.94 | 6.6.94 |
| linux | linux_kernel | >= 6.7 < 6.12.34 | 6.12.34 |
| msrc | azl3_kernel_6.6.92.2-2_on_azure_linux_3.0 | — | — |
CVSS provenance
nvdv3.15.5MEDIUMCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
osv5.5MEDIUM