CVE-2025-38709
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
04/09/2025
Last modified:
03/12/2025
Description
In the Linux kernel, the following vulnerability has been resolved:<br />
<br />
loop: Avoid updating block size under exclusive owner<br />
<br />
Syzbot came up with a reproducer where a loop device block size is<br />
changed underneath a mounted filesystem. This causes a mismatch between<br />
the block device block size and the block size stored in the superblock<br />
causing confusion in various places such as fs/buffer.c. The particular<br />
issue triggered by syzbot was a warning in __getblk_slow() due to<br />
requested buffer size not matching block device block size.<br />
<br />
Fix the problem by getting exclusive hold of the loop device to change<br />
its block size. This fails if somebody (such as filesystem) has already<br />
an exclusive ownership of the block device and thus prevents modifying<br />
the loop device under some exclusive owner which doesn&#39;t expect it.
Impact
Base Score 3.x
5.50
Severity 3.x
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.6.109 (excluding) | |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.7 (including) | 6.12.43 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.13 (including) | 6.15.11 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.16 (including) | 6.16.2 (excluding) |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- https://git.kernel.org/stable/c/139a000d20f2f38ce34296feddd641d730fe1c08
- https://git.kernel.org/stable/c/457d2c5e112fd08dc1039b1ae39a83ec1782360d
- https://git.kernel.org/stable/c/5d67b30aefeb7a949040bbb1b4e3b84c5d29a624
- https://git.kernel.org/stable/c/7e49538288e523427beedd26993d446afef1a6fb
- https://git.kernel.org/stable/c/b928438cc87c0bf7ae078e4b7b6e14261e84c5c5