PT-2025-27995 · Linux+5 · Linux Kernel+5
Published: 2025-07-04
Updated: 2026-04-20
CVE-2025-38220
CVSS v3.1: 5.5 (Medium)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions:
Linux kernel (affected versions not specified)
Description:
A vulnerability in the Linux kernel has been identified, which can cause a kernel NULL pointer dereference when processing a symlink inode from the orphan list. This issue arises due to the partial block zeroing code in the truncate path calling ext4_dirty_journalled_data() and subsequently folio_mark_dirty(), but symlink inodes are not assigned an a_ops vector in ext4. The vulnerability can be triggered by fstest generic/388, which occasionally reproduces a crash.
Recommendations:
To resolve this issue, update the ext4_dirty_journalled_data() helper to only mark the folio dirty on regular files, for which a_ops is assigned. This change aligns with the journaling logic in the ext4_symlink() creation path.
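The guard described in the recommendation, as an added userspace C model (not kernel code and not part of the original advisory). All model_* names and types are hypothetical stand-ins, and the model returns MODEL_OOPS at the point where the kernel would dereference the NULL a_ops pointer.

```c
#include <stdbool.h>
#include <stdio.h>

/* Userspace model only: simplified stand-ins, not kernel definitions. */
enum model_type { MODEL_REG, MODEL_SYMLINK };
enum { MODEL_OK = 0, MODEL_OOPS = -1 };

struct model_folio { bool dirty; };
struct model_aops { void (*dirty_folio)(struct model_folio *); };
struct model_inode { enum model_type type; const struct model_aops *a_ops; };

static void model_set_dirty(struct model_folio *f) { f->dirty = true; }
static const struct model_aops model_file_aops = { model_set_dirty };

/* Stand-in for folio_mark_dirty(): it relies on a_ops being assigned.
 * The model reports MODEL_OOPS where the kernel would dereference NULL. */
static int model_folio_mark_dirty(const struct model_inode *ino, struct model_folio *f)
{
    if (ino->a_ops == NULL)
        return MODEL_OOPS;
    ino->a_ops->dirty_folio(f);
    return MODEL_OK;
}

/* Stand-in for the helper: 'patched' selects the regular-file-only behaviour. */
int model_dirty_journalled_data(const struct model_inode *ino, struct model_folio *f, bool patched)
{
    if (patched && ino->type != MODEL_REG)
        return MODEL_OK;              /* symlink: leave the folio alone */
    return model_folio_mark_dirty(ino, f);
}

/* Truncate-path model: only regular files get an a_ops vector (assumption per the advisory). */
int model_truncate(enum model_type type, bool patched, bool *dirtied)
{
    struct model_inode ino = { type, type == MODEL_REG ? &model_file_aops : NULL };
    struct model_folio f = { false };
    int rc = model_dirty_journalled_data(&ino, &f, patched);
    *dirtied = f.dirty;
    return rc;
}

int main(void)
{
    bool d;
    int rc = model_truncate(MODEL_SYMLINK, false, &d);
    printf("symlink, unpatched: rc=%d dirty=%d\n", rc, d);
    rc = model_truncate(MODEL_SYMLINK, true, &d);
    printf("symlink, patched:   rc=%d dirty=%d\n", rc, d);
    return 0;
}
```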
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
NULL Pointer Dereference
Weakness Enumeration
Related Identifiers
Affected Products
Astra Linux
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu