PT-2025-31376 · Linux+10 · Linux Kernel+10

Publicado

2025-06-04

·

Atualizado

2026-05-26

·

CVE-2025-38498

CVSS v3.1

5.5

Média

VetorAV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description The do change type() function previously allowed operations on unmounted or improperly owned mounts. This issue has been resolved by ensuring that propagation settings can only be modified for mounts within the caller's mount namespace, aligning permission checks with the rest of the mount(2) system call.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Improper Initialization

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-665

Identificadores relacionados

ALSA-2025:15782
ALSA-2025:16372
ALSA-2025:16398
BDU:2025-09314
CESA-2025_16372
CVE-2025-38498
DLA-4327-1
DLA-4328-1
DSA-5973-1
ECHO-FE5C-A7AB-206F
INFSA-2025_16372
INFSA-2025_16398
INFSA-2025_21469
MGASA-2025-0218
MGASA-2025-0219
OESA-2025-1959
OESA-2025-1960
OESA-2025-1961
OESA-2025-1963
OESA-2025-1964
OESA-2025-2271
RHSA-2025:21118
RHSA-2025_16372
RHSA-2025_16398
RHSA-2025_21469
SUSE-SU-2025:02853-1
SUSE-SU-2025:02923-1
SUSE-SU-2025:02969-1
SUSE-SU-2025:02996-1
SUSE-SU-2025:02997-1
SUSE-SU-2025:03011-1
SUSE-SU-2025:03023-1
SUSE-SU-2025:03204-1
SUSE-SU-2025:03283-1
SUSE-SU-2025:03310-1
SUSE-SU-2025:03314-1
SUSE-SU-2025:03315-1
SUSE-SU-2025:03317-1
SUSE-SU-2025:03318-1
SUSE-SU-2025:03319-1
SUSE-SU-2025:03321-1
SUSE-SU-2025:03329-1
SUSE-SU-2025:03336-1
SUSE-SU-2025:03337-1
SUSE-SU-2025:03339-1
SUSE-SU-2025:03341-1
SUSE-SU-2025:03342-1
SUSE-SU-2025:03343-1
SUSE-SU-2025:03344-1
SUSE-SU-2025:03350-1
SUSE-SU-2025:03356-1
SUSE-SU-2025:03358-1
SUSE-SU-2025:03359-1
SUSE-SU-2025:03362-1
SUSE-SU-2025:03363-1
SUSE-SU-2025:03370-1
SUSE-SU-2025:03374-1
SUSE-SU-2025:03375-1
SUSE-SU-2025:03379-1
SUSE-SU-2025:03381-1
SUSE-SU-2025:03383-1
SUSE-SU-2025:03384-1
SUSE-SU-2025:03387-1
SUSE-SU-2025:03389-1
SUSE-SU-2025:03391-1
SUSE-SU-2025:03392-1
SUSE-SU-2025:03393-1
SUSE-SU-2025:03395-1
SUSE-SU-2025:03396-1
SUSE-SU-2025:03397-1
SUSE-SU-2025:03400-1
SUSE-SU-2025:03403-1
SUSE-SU-2025:03406-1
SUSE-SU-2025:03408-1
SUSE-SU-2025:03410-1
SUSE-SU-2025:03411-1
SUSE-SU-2025:03412-1
SUSE-SU-2025:03413-1
SUSE-SU-2025:03414-1
SUSE-SU-2025:03416-1
SUSE-SU-2025:03418-1
SUSE-SU-2025:03419-1
SUSE-SU-2025:20577-1
SUSE-SU-2025:20586-1
SUSE-SU-2025:20601-1
SUSE-SU-2025:20602-1
SUSE-SU-2025:20722-1
SUSE-SU-2025:20723-1
SUSE-SU-2025:20724-1
SUSE-SU-2025:20725-1
SUSE-SU-2025:20726-1
SUSE-SU-2025:20727-1
SUSE-SU-2025:20728-1
SUSE-SU-2025:20729-1
SUSE-SU-2025:20730-1
SUSE-SU-2025:20731-1
SUSE-SU-2025:20732-1
SUSE-SU-2025:20733-1
SUSE-SU-2025:20734-1
SUSE-SU-2025:20735-1
SUSE-SU-2025:20736-1
SUSE-SU-2025:20737-1
SUSE-SU-2025:20738-1
SUSE-SU-2025:20768-1
SUSE-SU-2025:20769-1
SUSE-SU-2025:20770-1
SUSE-SU-2025:20771-1
SUSE-SU-2025:20772-1
SUSE-SU-2025:20773-1
SUSE-SU-2025:20774-1
SUSE-SU-2025:20784-1
SUSE-SU-2025:20785-1
SUSE-SU-2025:20786-1
SUSE-SU-2025:20787-1
SUSE-SU-2025:20788-1
SUSE-SU-2025:20789-1
SUSE-SU-2025:20790-1
SUSE-SU-2025:20791-1
SUSE-SU-2025:4123-1
SUSE-SU-2025:4315-1
SUSE-SU-2025_02853-1
SUSE-SU-2025_02969-1
SUSE-SU-2025_02996-1
SUSE-SU-2025_02997-1
SUSE-SU-2025_03011-1
SUSE-SU-2025_03023-1
SUSE-SU-2025_03204-1
SUSE-SU-2025_03310-1
SUSE-SU-2025_03314-1
SUSE-SU-2025_03344-1
USN-7769-1
USN-7769-2
USN-7769-3
USN-7770-1
USN-7771-1
USN-7774-1
USN-7774-2
USN-7774-3
USN-7774-4
USN-7774-5
USN-7775-1
USN-7775-2
USN-7775-3
USN-7776-1
USN-7789-1
USN-7789-2

Produtos afetados

Almalinux
Astra Linux
Centos
Debian
Linuxmint
Linux Kernel
Red Hat
Red Os
Rocky Linux
Suse
Ubuntu