CVE-2025-38058

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A vulnerability in the Linux kernel has been resolved. The issue is related to the legitimize mnt() function, where a check for MNT SYNC UMOUNT should be performed under mount lock. Without this check, there is a risk of stealing the final mntput from sync umount, which can lead to an increment in mnt count after umount(2) has verified that the victim is not busy. This can cause legitimize mnt() to fail to quietly undo the mnt count increment, resulting in a full-blown mntput().

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.