CVE-2025-38692
Published: September 5, 2025Last modified: September 5, 2025
Description
In the Linux kernel, the following vulnerability has been resolved: exfat: add cluster chain loop check for dir An infinite loop may occur if the following conditions occur due to file system corruption. (1) Condition for exfat_count_dir_entries() to loop infinitely. - The cluster chain includes a loop. - There is no UNUSED entry in the cluster chain. (2) Condition for exfat_create_upcase_table() to loop infinitely. - The cluster chain of the root directory includes a loop. - There are no UNUSED entry and up-case table entry in the cluster chain of the root directory. (3) Condition for exfat_load_bitmap() to loop infinitely. - The cluster chain of the root directory includes a loop. - There are no UNUSED entry and bitmap entry in the cluster chain of the root directory. (4) Condition for exfat_find_dir_entry() to loop infinitely. - The cluster chain includes a loop. - The unused directory entries were exhausted by some operation. (5) Condition for exfat_check_dir_empty() to loop infinitely. - The cluster chain includes a loop. - The unused directory entries were exhausted by some operation. - All files and sub-directories under the directory are deleted. This commit adds checks to break the above infinite loop.
Status
| Product | Release | Package | Status |
|---|---|---|---|
| Alpaquita Linux | 23 LTS | linux-lts | Vulnerable (6.1.147-r0) |
| 25 LTS | linux-lts | Fixed (6.12.44-r0) | |
| Stream | linux-lts | Fixed (6.12.43-r0) |
References
- https://git.kernel.org/stable/c/4c3cda20c4cf1871e27868d08fda06b79bc7d568
- https://git.kernel.org/stable/c/868f23286c1a13162330fa6c614fe350f78e3f82
- https://git.kernel.org/stable/c/99f9a97dce39ad413c39b92c90393bbd6778f3fd
- https://git.kernel.org/stable/c/aa8fe7b7b73d4c9a41bb96cb3fb3092f794ecb33
- https://git.kernel.org/stable/c/e2066ca3ef49a30920d8536fa366b2a183a808ee