CVE-2025-38499

CVSS v2.0

6.2

Medium

Vector

AV:L/AC:L/Au:S/C:N/I:C/A:C

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified)

Description: The clone private mnt() function did not properly verify that the caller has CAP SYS ADMIN privileges within the correct user namespace. This could potentially allow exposure of hidden mounts that cannot be undone, particularly in scenarios involving MNT LOCKED mounts or lacking administrative rights in the user namespace where the mount belongs. The existing checks within the mount API were found to be insufficient in covering this specific scenario.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Improper Privilege Management

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-269

Related Identifiers

ALSA-2025:23241

ALSA-2025:23279

AZL-66174

AZL-73470

BDU:2025-15160

CVE-2025-38499

DLA-4328-1

DSA-5973-1

DSA-5975-1

ECHO-D033-1284-66C9

OESA-2026-1306

OESA-2026-2417

OESA-2026-2418

OPENSUSE-SU-2025:20081-1

RHSA-2025:23241

RHSA-2025:23250

RHSA-2025:23279

RHSA-2025:23730

SUSE-SU-2025:03204-1

SUSE-SU-2025:03272-1

SUSE-SU-2025:03283-1

SUSE-SU-2025:03290-1

SUSE-SU-2025:03301-1

SUSE-SU-2025:03310-1

SUSE-SU-2025:03314-1

SUSE-SU-2025:03344-1

SUSE-SU-2025:03382-1

SUSE-SU-2025:03383-1

SUSE-SU-2025:03384-1

SUSE-SU-2025:03602-1

SUSE-SU-2025:03633-1

SUSE-SU-2025:03634-1

SUSE-SU-2025:03636-1

SUSE-SU-2025:03638-1

SUSE-SU-2025:03643-1

SUSE-SU-2025:03646-1

SUSE-SU-2025:03650-1

SUSE-SU-2025:03652-1

SUSE-SU-2025:03653-1

SUSE-SU-2025:03656-1

SUSE-SU-2025:03662-1

SUSE-SU-2025:03663-1

SUSE-SU-2025:03664-1

SUSE-SU-2025:03666-1

SUSE-SU-2025:03671-1

SUSE-SU-2025:03672-1

SUSE-SU-2025:20653-1

SUSE-SU-2025:20669-1

SUSE-SU-2025:20739-1

SUSE-SU-2025:20756-1

SUSE-SU-2025:20873-1

SUSE-SU-2025:20874-1

SUSE-SU-2025:20875-1

SUSE-SU-2025:20876-1

SUSE-SU-2025:20877-1

SUSE-SU-2025:20878-1

SUSE-SU-2025:20879-1

SUSE-SU-2025:20880-1

SUSE-SU-2025:20881-1

SUSE-SU-2025:20882-1

SUSE-SU-2025:20883-1

SUSE-SU-2025:20884-1

SUSE-SU-2025:20885-1

SUSE-SU-2025:20886-1

SUSE-SU-2025:20887-1

SUSE-SU-2025:20888-1

SUSE-SU-2025:20889-1

SUSE-SU-2025:20890-1

SUSE-SU-2025:20891-1

SUSE-SU-2025:20902-1

SUSE-SU-2025:20903-1

SUSE-SU-2025:20904-1

SUSE-SU-2025:20905-1

SUSE-SU-2025:20906-1

SUSE-SU-2025:20907-1

SUSE-SU-2025:20908-1

SUSE-SU-2025:20909-1

SUSE-SU-2025:20912-1

SUSE-SU-2025:20913-1

SUSE-SU-2025:20914-1

SUSE-SU-2025:20915-1

SUSE-SU-2025:20916-1

SUSE-SU-2025:20917-1

SUSE-SU-2025:20918-1

SUSE-SU-2025:20919-1

SUSE-SU-2025:20920-1

SUSE-SU-2025:21074-1

SUSE-SU-2025:21139-1

SUSE-SU-2025:21179-1

SUSE-SU-2025:3675-1

SUSE-SU-2025:3679-1

SUSE-SU-2025:3683-1

SUSE-SU-2025:3703-1

SUSE-SU-2025:3704-1

SUSE-SU-2025:3705-1

SUSE-SU-2025:3712-1

SUSE-SU-2025:3717-1

SUSE-SU-2025:3720-1

SUSE-SU-2025:3721-1

SUSE-SU-2025:3731-1

SUSE-SU-2025:3733-1

SUSE-SU-2025:3734-1

SUSE-SU-2025:3736-1

SUSE-SU-2025:3740-1

SUSE-SU-2025:3742-1

SUSE-SU-2025:3748-1

SUSE-SU-2025:3755-1

SUSE-SU-2025:3762-1

SUSE-SU-2025:3764-1

SUSE-SU-2025:3765-1

SUSE-SU-2025:3768-1

SUSE-SU-2025:3770-1

SUSE-SU-2025:3771-1

SUSE-SU-2025:3772-1

SUSE-SU-2025:4123-1

SUSE-SU-2025_03204-1

SUSE-SU-2025_03272-1

SUSE-SU-2025_03290-1

SUSE-SU-2025_03301-1

SUSE-SU-2025_03310-1

SUSE-SU-2025_03314-1

SUSE-SU-2025_03344-1

SUSE-SU-2025_03382-1

USN-7769-1

USN-7769-2

USN-7769-3

USN-7770-1

USN-7771-1

USN-7789-1

USN-7789-2

USN-7909-1

USN-7909-2

USN-7909-3

USN-7909-4

USN-7909-5

USN-7910-1

USN-7910-2

USN-7933-1

USN-7938-1

USN-8028-1

USN-8028-2

USN-8028-3

USN-8028-4

USN-8028-5

USN-8028-6

USN-8028-7

USN-8028-8

USN-8031-1

USN-8031-2

USN-8031-3

USN-8052-1

USN-8052-2

USN-8074-1

USN-8074-2

USN-8126-1

Affected Products

Almalinux

Debian

Linuxmint

Linux Kernel

Red Hat

Red Os

Rocky Linux

Suse

Ubuntu

CVE-2025-38499

Weakness Enumeration

Related Identifiers

Affected Products

References · 3642