CVE-2025-38139

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.15.0-rc6-syzkaller-00052-g9f35e33144ae

Description: A vulnerability in the Linux kernel has been resolved, related to the resetting of the subrequest iterator in netfs retry write stream(). The issue occurs when the iterator may have been shortened by a previous retry, causing the amount of data to be written by the subrequest to be incorrect. This can lead to an error in iov iter revert(), resulting in a slab-out-of-bounds bug. The vulnerability can be exploited, causing a denial-of-service.

Recommendations: For Linux kernel versions prior to 6.15.0-rc6-syzkaller-00052-g9f35e33144ae, update to a newer version that includes the fix for the netfs subrequest iterator resetting issue. As a temporary workaround, consider disabling the netfs retry write stream() function until a patch is available. Restrict access to the vulnerable netfs module to minimize the risk of exploitation. Avoid using the subreq->len variable in the affected API endpoint until the issue is resolved.