Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: erofs: avoid using multiple devices with different type For multiple devices, both primary and extra devices should be the same type. `erofs_init_device` has already guaranteed that if the primary is a file-backed device, extra devices should also be regular files. However, if the primary is a block device while the extra device is a file-backed device, `erofs_init_device` will get an ENOTBLK, which is not treated as an error in `erofs_fc_get_tree`, and that leads to an UAF: erofs_fc_get_tree get_tree_bdev_flags(erofs_fc_fill_super) erofs_read_superblock erofs_init_device // sbi->dif0 is not inited yet, // return -ENOTBLK deactivate_locked_super free(sbi) if (err is -ENOTBLK) sbi->dif0.file = filp_open() // sbi UAF So if -ENOTBLK is hitted in `erofs_init_device`, it means the primary device must be a block device, and the extra device is not a block device. The error can be converted to -EINVAL.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | >= 6.12, < 6.12.34 |
Related Weaknesses (CWE)
References
- https://git.kernel.org/stable/c/65115472f741ca000d7ea4a5922214f93cd1516ePatch
- https://git.kernel.org/stable/c/9748f2f54f66743ac77275c34886a9f890e18409Patch
- https://git.kernel.org/stable/c/cd04beb9ce2773a16057248bb4fa424068ae3807Patch
FAQ
What is CVE-2025-38172?
CVE-2025-38172 is a vulnerability with a CVSS score of 7.8 (HIGH). In the Linux kernel, the following vulnerability has been resolved: erofs: avoid using multiple devices with different type For multiple devices, both primary and extra devices should be the same ty...
How severe is CVE-2025-38172?
CVE-2025-38172 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2025-38172?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel.