CVE-2025-38579 — Use of Uninitialized Resource in Linux

CWE-908 — Use of Uninitialized Resource35 documents8 sources

Severity

7.8HIGHNVD

EPSS

0.0%

top 95.84%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Linux Kernel Debian Linux

Timeline

PublishedAug 19

Latest updateMar 25

Description

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix KMSAN uninit-value in extent_info usage KMSAN reported a use of uninitialized value in `__is_extent_mergeable()` and `__is_back_mergeable()` via the read extent tree path. The root cause is that `get_read_extent_info()` only initializes three fields (`fofs`, `blk`, `len`) of `struct extent_info`, leaving the remaining fields uninitialized. This leads to undefined behavior when those fields are accessed later, especi…

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages3 packages

▶NVDlinux/linux_kernel5.15 — 5.15.190+5

▶Debianlinux/linux_kernel< 6.1.148-1+2

▶CVEListV5linux/linux94afd6d6e5253179c9b891d02081cc8355a11768 — 08e8ab00a6d20d5544c932ee85a297d833895141+7

Also affects: Debian Linux 11.0

Patches

Patch: git.kernel.org ↗Patch: git.kernel.org ↗Patch: git.kernel.org ↗

🔴Vulnerability Details

GHSA

GHSA-6x6v-877j-v9fv: In the Linux kernel, the following vulnerability has been resolved: f2fs: fix KMSAN uninit-value in extent_info usage KMSAN reported a use of uninit↗2025-08-19

▶

CVEList

f2fs: fix KMSAN uninit-value in extent_info usage↗2025-08-19

▶

OSV

CVE-2025-38579: In the Linux kernel, the following vulnerability has been resolved: f2fs: fix KMSAN uninit-value in extent_info usage KMSAN reported a use of uninitia↗2025-08-19

▶

📋Vendor Advisories

Ubuntu

Linux kernel (Azure) vulnerabilities↗2026-03-25

▶

Ubuntu

Linux kernel (Azure) vulnerabilities↗2026-03-04

▶

Ubuntu

Linux kernel (Azure FIPS) vulnerabilities↗2026-03-04

▶

Ubuntu

Linux kernel (Xilinx) vulnerabilities↗2026-02-24

▶

Ubuntu

Linux kernel (IBM) vulnerabilities↗2026-02-24

▶