CVE-2025-38692

Published: September 5, 2025Last modified: September 5, 2025

Description

In the Linux kernel, the following vulnerability has been resolved: exfat: add cluster chain loop check for dir An infinite loop may occur if the following conditions occur due to file system corruption. (1) Condition for exfat_count_dir_entries() to loop infinitely. - The cluster chain includes a loop. - There is no UNUSED entry in the cluster chain. (2) Condition for exfat_create_upcase_table() to loop infinitely. - The cluster chain of the root directory includes a loop. - There are no UNUSED entry and up-case table entry in the cluster chain of the root directory. (3) Condition for exfat_load_bitmap() to loop infinitely. - The cluster chain of the root directory includes a loop. - There are no UNUSED entry and bitmap entry in the cluster chain of the root directory. (4) Condition for exfat_find_dir_entry() to loop infinitely. - The cluster chain includes a loop. - The unused directory entries were exhausted by some operation. (5) Condition for exfat_check_dir_empty() to loop infinitely. - The cluster chain includes a loop. - The unused directory entries were exhausted by some operation. - All files and sub-directories under the directory are deleted. This commit adds checks to break the above infinite loop.

Severity score breakdown

Status

References

• https://git.kernel.org/stable/c/4c3cda20c4cf1871e27868d08fda06b79bc7d568
• https://git.kernel.org/stable/c/868f23286c1a13162330fa6c614fe350f78e3f82
• https://git.kernel.org/stable/c/99f9a97dce39ad413c39b92c90393bbd6778f3fd
• https://git.kernel.org/stable/c/aa8fe7b7b73d4c9a41bb96cb3fb3092f794ecb33
• https://git.kernel.org/stable/c/e2066ca3ef49a30920d8536fa366b2a183a808ee