CVE-2025-38206
04.07.2025, 14:15
In the Linux kernel, the following vulnerability has been resolved:
exfat: fix double free in delayed_free
The double free could happen in the following path.
exfat_create_upcase_table()
exfat_create_upcase_table() : return error
exfat_free_upcase_table() : free ->vol_utbl
exfat_load_default_upcase_table : return error
exfat_kill_sb()
delayed_free()
exfat_free_upcase_table() <--------- double free
This patch set ->vol_util as NULL after freeing it.Enginsight| Vendor | Product | Version |
|---|---|---|
| linux | linux_kernel | 5.7 ≤ 𝑥 < 5.10.239 |
| linux | linux_kernel | 5.11 ≤ 𝑥 < 5.15.186 |
| linux | linux_kernel | 5.16 ≤ 𝑥 < 6.15.4 |
| debian | debian_linux | 11.0 |
𝑥
= Vulnerable software versions
Debian Releases
Common Weakness Enumeration
References