CVE-2025-38712

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A flaw exists in the Linux kernel where the hfsplus create attributes file() function incorrectly uses BUG ON(). This occurs when the volume header contains incorrect values, leading to an error when the function is called. The issue arises from an assumption made during the hfsplus fill super() process regarding the creation status of the attributes file.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Assertion Failure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-371CWE-617

Related Identifiers

AZL-66866

AZL-75306

BDU:2025-15752

CVE-2025-38712

DLA-4327-1

DLA-4328-1

DSA-6009-1

ECHO-2B99-4411-2A02

MGASA-2025-0234

MGASA-2025-0235

OESA-2026-1275

OESA-2026-1303

OESA-2026-1304

OESA-2026-1305

SUSE-SU-2025:03600-1

SUSE-SU-2025:03614-1

SUSE-SU-2025:03634-1

SUSE-SU-2025:20851-1

SUSE-SU-2025:20861-1

SUSE-SU-2025:20870-1

SUSE-SU-2025:20898-1

SUSE-SU-2025:3751-1

SUSE-SU-2025:4057-1

SUSE-SU-2025:4132-1

SUSE-SU-2025:4141-1

USN-7909-1

USN-7909-2

USN-7909-3

USN-7909-4

USN-7909-5

USN-7910-1

USN-7910-2

USN-7933-1

USN-7938-1

USN-8028-1

USN-8028-2

USN-8028-3

USN-8028-4

USN-8028-5

USN-8028-6

USN-8028-7

USN-8028-8

USN-8031-1

USN-8031-2

USN-8031-3

USN-8052-1

USN-8052-2

USN-8074-1

USN-8074-2

USN-8126-1

Affected Products

Debian

Linuxmint

Linux Kernel

Red Os

Suse

Ubuntu

CVE-2025-38712

Weakness Enumeration

Related Identifiers

Affected Products

References · 3033