PT-2025-27981 · Linux+5 · Linux Kernel+5

Published

2025-04-01

·

Updated

2026-04-20

·

CVE-2025-38206

CVSS v3.1

7.8

High

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified)
Description: A double free issue in the exfat module has been resolved. The double free could occur in a specific path involving the exfat create upcase table(), exfat free upcase table(), exfat load default upcase table(), and exfat kill sb() functions. This issue is related to the delayed free() function, which calls exfat free upcase table() and results in a double free of the ->vol utbl variable. The patch sets ->vol util to NULL after freeing it to prevent this issue.
Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Double Free

Weakness Enumeration

CWE-415

Related Identifiers

ALSA-2026:3066
ALSA-2026:3275
BDU:2025-15483
CVE-2025-38206
DLA-4327-1
ECHO-1766-83C3-8521
RHSA-2026:3066
RHSA-2026:3275
RHSA-2026:4246
RHSA-2026:4745
RHSA-2026:6948
RHSA-2026:6986
RHSA-2026:7013
RHSA-2026:7100
SUSE-SU-2025:02588-1
SUSE-SU-2025:02849-1
SUSE-SU-2025:02851-1
SUSE-SU-2025:02852-1
SUSE-SU-2025:02853-1
SUSE-SU-2025:02923-1
SUSE-SU-2025:02969-1
SUSE-SU-2025:02996-1
SUSE-SU-2025:02997-1
SUSE-SU-2025:03011-1
SUSE-SU-2025:03023-1
SUSE-SU-2025:03310-1
SUSE-SU-2025:03384-1
SUSE-SU-2025:03636-1
SUSE-SU-2025:03638-1
SUSE-SU-2025:03646-1
SUSE-SU-2025:03650-1
SUSE-SU-2025:03663-1
SUSE-SU-2025:03664-1
SUSE-SU-2025:03666-1
SUSE-SU-2025:03671-1
SUSE-SU-2025:03672-1
SUSE-SU-2025:20577-1
SUSE-SU-2025:20586-1
SUSE-SU-2025:20601-1
SUSE-SU-2025:20602-1
SUSE-SU-2025:20873-1
SUSE-SU-2025:20874-1
SUSE-SU-2025:20875-1
SUSE-SU-2025:20876-1
SUSE-SU-2025:20877-1
SUSE-SU-2025:20878-1
SUSE-SU-2025:20879-1
SUSE-SU-2025:20881-1
SUSE-SU-2025:20882-1
SUSE-SU-2025:20883-1
SUSE-SU-2025:20884-1
SUSE-SU-2025:20885-1
SUSE-SU-2025:20886-1
SUSE-SU-2025:20887-1
SUSE-SU-2025:20888-1
SUSE-SU-2025:20890-1
SUSE-SU-2025:20891-1
SUSE-SU-2025:20902-1
SUSE-SU-2025:20903-1
SUSE-SU-2025:20904-1
SUSE-SU-2025:20905-1
SUSE-SU-2025:20906-1
SUSE-SU-2025:20907-1
SUSE-SU-2025:20909-1
SUSE-SU-2025:20912-1
SUSE-SU-2025:20913-1
SUSE-SU-2025:20914-1
SUSE-SU-2025:20915-1
SUSE-SU-2025:20916-1
SUSE-SU-2025:20917-1
SUSE-SU-2025:20918-1
SUSE-SU-2025:20920-1
SUSE-SU-2025:2588-1
SUSE-SU-2025:3675-1
SUSE-SU-2025:3679-1
SUSE-SU-2025:3683-1
SUSE-SU-2025:3704-1
SUSE-SU-2025:3705-1
SUSE-SU-2025:3712-1
SUSE-SU-2025:3717-1
SUSE-SU-2025:3721-1
SUSE-SU-2025:3731-1
SUSE-SU-2025:3733-1
SUSE-SU-2025:3734-1
SUSE-SU-2025:3736-1
SUSE-SU-2025:3742-1
SUSE-SU-2025:3748-1
SUSE-SU-2025:3755-1
SUSE-SU-2025:3762-1
SUSE-SU-2025:3764-1
SUSE-SU-2025:3765-1
SUSE-SU-2025:3768-1
SUSE-SU-2025:3771-1
SUSE-SU-2025:3772-1
SUSE-SU-2025_02588-1
SUSE-SU-2025_02849-1
SUSE-SU-2025_02853-1
SUSE-SU-2025_02969-1
SUSE-SU-2025_02996-1
SUSE-SU-2025_02997-1
SUSE-SU-2025_03011-1
SUSE-SU-2025_03023-1
SUSE-SU-2025_03310-1
USN-7774-1
USN-7774-2
USN-7774-3
USN-7774-4
USN-7774-5
USN-7775-1
USN-7775-2
USN-7775-3
USN-7776-1
USN-7833-1
USN-7833-2
USN-7833-3
USN-7833-4
USN-7834-1
USN-7856-1

Affected Products

Astra Linux
Debian
Linuxmint
Linux Kernel
Suse
Ubuntu