PT-2025-30765 · Linux+7 · Linux Kernel+7

Published

2025-01-01

·

Updated

2026-04-20

·

CVE-2025-38365

CVSS v3.1

4.7

Medium

VectorAV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description A race condition exists between file renames and directory logging within the Btrfs filesystem. This can lead to file loss if a crash or power failure occurs during the rename process before it is fully completed. Specifically, the issue arises when a file is being renamed within the same directory, and another task concurrently logs the inode. The log replay process, lacking information about the new file name, may incorrectly delete the file. The issue occurs because the logging of the directory does not fallback to a transaction commit, leading to an inconsistent state in the log tree.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Race Condition

Weakness Enumeration

CWE-362

Related Identifiers

BDU:2025-09255
CVE-2025-38365
DLA-4328-1
DSA-5973-1
ECHO-51C9-4086-CED6
MGASA-2025-0218
MGASA-2025-0219
OPENSUSE-SU-2025:20081-1
SUSE-SU-2025:02853-1
SUSE-SU-2025:02923-1
SUSE-SU-2025:02969-1
SUSE-SU-2025:02996-1
SUSE-SU-2025:02997-1
SUSE-SU-2025:03011-1
SUSE-SU-2025:03023-1
SUSE-SU-2025:20577-1
SUSE-SU-2025:20586-1
SUSE-SU-2025:20601-1
SUSE-SU-2025:20602-1
SUSE-SU-2025:21074-1
SUSE-SU-2025:21139-1
SUSE-SU-2025:21179-1
SUSE-SU-2025_02853-1
SUSE-SU-2025_02969-1
SUSE-SU-2025_02996-1
SUSE-SU-2025_02997-1
SUSE-SU-2025_03011-1
SUSE-SU-2025_03023-1
USN-7833-1
USN-7833-2
USN-7833-3
USN-7833-4
USN-7834-1
USN-7856-1
USN-8028-1
USN-8028-2
USN-8028-3
USN-8028-4
USN-8028-5
USN-8028-6
USN-8028-7
USN-8028-8
USN-8031-1
USN-8031-2
USN-8031-3
USN-8052-1
USN-8052-2
USN-8074-1
USN-8074-2
USN-8126-1

Affected Products

Astra Linux
Btrfs
Debian
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu