PT-2025-29060 · Linux+5 · Linux Kernel+5
Anubis · Published 2025-04-23 · Updated 2026-04-20 · CVE-2025-38338
CVSS v3.1: 7.8 (High)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions:
Linux kernel (affected versions not specified)
Description:
A double-unlock bug exists in the nfs_return_empty_folio() function within the NFS read functionality of the Linux kernel. This issue can lead to a deadlock when a file is read concurrently with truncation by another NFS client, due to the incorrect handling of the PG_locked flag. Specifically, the folio_unlock() function may be called twice, potentially causing processes to become stuck indefinitely while waiting for a folio lock that will never be released. The issue arises from a missing check in nfs_return_empty_folio() when fscache is enabled, and can rarely manifest as a warning in netfs_read_collection().
Recommendations:
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Double Free
Related Identifiers
Affected Products
Astra Linux
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu