CVE-2025-38578

CVSS v2.0

5.7

Medium

Vector

AV:L/AC:L/Au:S/C:P/I:P/A:C

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified)

Description: The Linux kernel contains a use-after-free (UAF) vulnerability in the f2fs sync inode meta() function. This issue was identified by syzkaller and results from improper handling of memory, potentially leading to system instability or other undefined behavior.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-416

Related Identifiers

AZL-66521

BDU:2025-15174

CVE-2025-38578

DLA-4327-1

DLA-4328-1

ECHO-A2F1-16CC-B423

MGASA-2025-0234

MGASA-2025-0235

USN-7879-1

USN-7879-2

USN-7879-3

USN-7879-4

USN-7880-1

USN-7909-1

USN-7909-2

USN-7909-3

USN-7909-4

USN-7909-5

USN-7910-1

USN-7910-2

USN-7933-1

USN-7934-1

USN-7938-1

USN-8028-1

USN-8028-2

USN-8028-3

USN-8028-4

USN-8028-5

USN-8028-6

USN-8028-7

USN-8028-8

USN-8031-1

USN-8031-2

USN-8031-3

USN-8052-1

USN-8052-2

USN-8074-1

USN-8074-2

USN-8126-1

Affected Products

Debian

Linuxmint

Linux Kernel

Red Os

Ubuntu

CVE-2025-38578

Weakness Enumeration

Related Identifiers

Affected Products

References · 1367