PT-2025-29022 · Linux+5 · Linux Kernel+5

Anubis

Published

2025-07-10

Updated

2026-03-06

CVE-2025-38302

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified)

Description: A flaw exists in the Linux kernel related to block I/O operations. Specifically, using submit bio noacct nocheck in blk zone wplug bio work duplicates work and can lead to deadlocks when freezing a queue with pending bio write plugs. The issue arises because BIOS queued in the zone write plug have already undergone preparation in the submit bio path, including freeze protection. Bypassing this protection with submit bio noacct nocheck introduces the potential for deadlocks.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Improper Locking

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-833CWE-667

Related Identifiers

BDU:2025-10740

CVE-2025-38302

OPENSUSE-SU-2025:20081-1

SUSE-SU-2025:21074-1

SUSE-SU-2025:21139-1

SUSE-SU-2025:21179-1

USN-7769-1

USN-7769-2

USN-7769-3

USN-7770-1

USN-7771-1

USN-7789-1

USN-7789-2

Affected Products

Astra Linux

Linuxmint

Linux Kernel

Red Os

Suse

Ubuntu

PT-2025-29022 · Linux+5 · Linux Kernel+5

CVE-2025-38302

Weakness Enumeration

Related Identifiers

Affected Products

References · 1471