PT-2025-31092 · Linux+5 · Linux Kernel+5

Published

2025-07-10

·

Updated

2026-04-20

·

CVE-2025-38496

CVSS v2.0

6.0

Medium

VectorAV:L/AC:H/Au:S/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.16.0-rc3-g90548c634bd0
Description A flaw exists in the Linux kernel's dm-bufio subsystem related to scheduling within atomic context. When try verify in tasklet is enabled for dm-verity and DM BUFIO CLIENT NO SLEEP is enabled for dm-bufio, attempting to evict buffers can trigger scheduling within a spin lock, leading to a kernel BUG. This can occur when using veritysetup to format devices and mounting them read-only.
Recommendations Linux kernel versions prior to 6.16.0-rc3-g90548c634bd0 should be updated.

Exploit

Fix

Buffer Overflow

Weakness Enumeration

CWE-120

Related Identifiers

AZL-65925
BDU:2025-13523
CVE-2025-38496
DSA-5975-1
MGASA-2025-0218
MGASA-2025-0219
OESA-2025-1959
OESA-2025-1960
OESA-2025-1961
OPENSUSE-SU-2025:20081-1
SUSE-SU-2025:02853-1
SUSE-SU-2025:02923-1
SUSE-SU-2025:02969-1
SUSE-SU-2025:02996-1
SUSE-SU-2025:02997-1
SUSE-SU-2025:03011-1
SUSE-SU-2025:03023-1
SUSE-SU-2025:20577-1
SUSE-SU-2025:20586-1
SUSE-SU-2025:20601-1
SUSE-SU-2025:20602-1
SUSE-SU-2025:21074-1
SUSE-SU-2025:21139-1
SUSE-SU-2025:21179-1
SUSE-SU-2025_02853-1
SUSE-SU-2025_02969-1
SUSE-SU-2025_02996-1
SUSE-SU-2025_02997-1
SUSE-SU-2025_03011-1
SUSE-SU-2025_03023-1
USN-7879-1
USN-7879-2
USN-7879-3
USN-7879-4
USN-7880-1
USN-7934-1
USN-8028-1
USN-8028-2
USN-8028-3
USN-8028-4
USN-8028-5
USN-8028-6
USN-8028-7
USN-8028-8
USN-8031-1
USN-8031-2
USN-8031-3
USN-8052-1
USN-8052-2
USN-8074-1
USN-8074-2
USN-8126-1

Affected Products

Astra Linux
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu