CVE-2025-38206

High CVSS: 7.8

In the Linux kernel, the following vulnerability has been resolved:

exfat: fix double free in delayed_free

The double free could happen in the following path.

exfat_create_upcase_table()
exfat_create_upcase_table() : return error
exfat_free_upcase_table() : free ->vol_utbl
exfat_load_default_upcase_table : return error
exfat_kill_sb()
delayed_free()
exfat_free_upcase_table() <--------- double free
This patch set ->vol_util as NULL after freeing it.

Vendor

Linux

Product

Linux Kernel

CWE

CWE-415

Yayın Tarihi

2025-07-04 14:15:28

Güncelleme

2025-12-18 21:17:09

Source Identifier

416baaa9-dc9f-4396-8d5f-8c081fb06d67

KEV Date Added

Kategoriler

CWE-415 Linux Kernel HIGH Linux 2025

Referanslar

https://git.kernel.org/stable/c/13d8de1b6568dcc31a95534ced16bc0c9a67bc15 https://git.kernel.org/stable/c/1f3d9724e16d62c7d42c67d6613b8512f2887c22 https://git.kernel.org/stable/c/66e84439ec2af776ce749e8540f8fdd257774152 https://git.kernel.org/stable/c/d3cef0e7a5c1aa6217c51faa9ce8ecac35d6e1fd https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html

Benzer Kayıtlar

Medium

CVE-2026-23238

In the Linux kernel, the following vulnerability has been resolved: romfs: check sb_set_blocksize() return value romfs…

Medium

CVE-2026-23237

In the Linux kernel, the following vulnerability has been resolved: platform/x86: classmate-laptop: Add missing NULL po…

High

CVE-2026-23236

In the Linux kernel, the following vulnerability has been resolved: fbdev: smscufx: properly copy ioctl memory to kerne…

High

CVE-2026-23235

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix out-of-bounds access in sysfs attribute r…

High

CVE-2026-23234

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid UAF in f2fs_write_end_io() As s…

High

CVE-2026-23233

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid mapping wrong physical block for…