PT-2025-35982 · Linux+4 · Linux Kernel+4

Syzbot · Published 2025-07-11 · Updated 2026-05-26 · CVE-2025-38709

CVSS v3.1: 5.5 (Medium)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

Linux kernel (affected versions not specified)

Description

The Linux kernel contains an issue where a loop device block size could be changed underneath a mounted filesystem. This discrepancy between the block device block size and the superblock block size could lead to confusion in areas like fs/buffer.c, specifically triggering a warning in the __getblk_slow() function due to a mismatch in requested buffer size and block device block size. The fix involves obtaining exclusive hold of the loop device before changing its block size, preventing modification if another process already has exclusive ownership.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Improper Locking

Time Of Check To Time Of Use

Weakness Enumeration

Related Identifiers

AZL-66812
AZL-71257
BDU:2026-01379
CVE-2025-38709
ECHO-7AAD-7732-D882
MGASA-2025-0234
MGASA-2025-0235
OESA-2025-2468
OESA-2025-2532
OESA-2025-2534
OESA-2025-2535
OESA-2025-2536
OESA-2025-2537
OPENSUSE-SU-2025:20081-1
SUSE-SU-2025:03600-1
SUSE-SU-2025:03601-1
SUSE-SU-2025:03602-1
SUSE-SU-2025:03633-1
SUSE-SU-2025:03634-1
SUSE-SU-2025:20851-1
SUSE-SU-2025:20861-1
SUSE-SU-2025:20870-1
SUSE-SU-2025:20898-1
SUSE-SU-2025:21074-1
SUSE-SU-2025:21139-1
SUSE-SU-2025:21179-1
SUSE-SU-2025:3725-1
SUSE-SU-2025:3751-1
USN-8095-1
USN-8095-2
USN-8095-3
USN-8095-4
USN-8095-5
USN-8100-1
USN-8125-1
USN-8126-1
USN-8165-1
USN-8261-1

Affected Products

Debian
Linux Mint
Linux Kernel
SUSE
Ubuntu