CVE-2025-38206

EUVD-2025-20050
In the Linux kernel, the following vulnerability has been resolved:

exfat: fix double free in delayed_free

The double free could happen in the following path.

exfat_create_upcase_table()
        exfat_create_upcase_table() : return error
        exfat_free_upcase_table() : free ->vol_utbl
        exfat_load_default_upcase_table : return error
     exfat_kill_sb()
           delayed_free()
                  exfat_free_upcase_table() <--------- double free
This patch set ->vol_util as NULL after freeing it.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.8 HIGH
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 21%
Affected Products (NVD)
VendorProductVersion
linuxlinux_kernel
5.7 ≤
𝑥
< 5.10.239
linuxlinux_kernel
5.11 ≤
𝑥
< 5.15.186
linuxlinux_kernel
5.16 ≤
𝑥
< 6.15.4
debiandebian_linux
11.0
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
linux
bookworm
vulnerable
bookworm (security)
vulnerable
bullseye
vulnerable
bullseye (security)
5.10.251-5
fixed
forky
7.0.7-1
fixed
sid
7.0.7-1
fixed
trixie
vulnerable
trixie (security)
vulnerable
openSUSE logo
openSUSE / SLES Releases
openSUSE Product
Release
cluster-md-kmp-default
suse enterprise server 15 SP5
5.14.21-150500.55.116.1
fixed
dlm-kmp-default
suse enterprise server 15 SP5
5.14.21-150500.55.116.1
fixed
gfs2-kmp-default
suse enterprise server 15 SP5
5.14.21-150500.55.116.1
fixed
kernel-64kb
suse enterprise desktop 15 SP6
6.4.0-150600.23.65.1
fixed
suse enterprise desktop 15 SP7
6.4.0-150700.53.11.1
fixed
suse enterprise sap 15 SP6
6.4.0-150600.23.65.1
fixed
suse enterprise sap 15 SP7
6.4.0-150700.53.11.1
fixed
suse enterprise server 15 SP3
5.3.18-150300.59.218.1
fixed
suse enterprise server 15 SP4
5.14.21-150400.24.173.1
fixed
suse enterprise server 15 SP5
5.14.21-150500.55.116.1
fixed
suse enterprise server 15 SP6
6.4.0-150600.23.65.1
fixed
suse enterprise server 15 SP7
6.4.0-150700.53.11.1
fixed
kernel-azure
suse enterprise sap 15 SP6
6.4.0-150600.8.48.1
fixed
suse enterprise sap 15 SP7
6.4.0-150700.20.11.1
fixed
suse enterprise server 15 SP6
6.4.0-150600.8.48.1
fixed
suse enterprise server 15 SP7
6.4.0-150700.20.11.1
fixed
kernel-default
suse enterprise server 15 SP3
5.3.18-150300.59.218.1
fixed
suse enterprise server 15 SP4
5.14.21-150400.24.173.1
fixed
suse enterprise server 15 SP5
5.14.21-150500.55.116.1
fixed
kernel-default-base
suse enterprise desktop 15 SP6
6.4.0-150600.23.65.1.150600.12.28.4
fixed
suse enterprise desktop 15 SP7
6.4.0-150700.53.11.1.150700.17.9.4
fixed
suse enterprise sap 15 SP6
6.4.0-150600.23.65.1.150600.12.28.4
fixed
suse enterprise sap 15 SP7
6.4.0-150700.53.11.1.150700.17.9.4
fixed
suse enterprise server 15 SP3
5.3.18-150300.59.218.1.150300.18.130.1
fixed
suse enterprise server 15 SP4
5.14.21-150400.24.173.1.150400.24.88.1
fixed
suse enterprise server 15 SP5
5.14.21-150500.55.116.1.150500.6.55.1
fixed
suse enterprise server 15 SP6
6.4.0-150600.23.65.1.150600.12.28.4
fixed
suse enterprise server 15 SP7
6.4.0-150700.53.11.1.150700.17.9.4
fixed
kernel-docs
suse enterprise desktop 15 SP6
6.4.0-150600.23.65.1
fixed
suse enterprise desktop 15 SP7
6.4.0-150700.53.11.3
fixed
suse enterprise sap 15 SP6
6.4.0-150600.23.65.1
fixed
suse enterprise sap 15 SP7
6.4.0-150700.53.11.3
fixed
suse enterprise server 15 SP3
5.3.18-150300.59.218.1
fixed
suse enterprise server 15 SP4
5.14.21-150400.24.173.1
fixed
suse enterprise server 15 SP5
5.14.21-150500.55.116.1
fixed
suse enterprise server 15 SP6
6.4.0-150600.23.65.1
fixed
suse enterprise server 15 SP7
6.4.0-150700.53.11.3
fixed
kernel-macros
suse enterprise desktop 15 SP6
6.4.0-150600.23.65.1
fixed
suse enterprise desktop 15 SP7
6.4.0-150700.53.11.1
fixed
suse enterprise sap 15 SP6
6.4.0-150600.23.65.1
fixed
suse enterprise sap 15 SP7
6.4.0-150700.53.11.1
fixed
suse enterprise server 15 SP3
5.3.18-150300.59.218.1
fixed
suse enterprise server 15 SP4
5.14.21-150400.24.173.1
fixed
suse enterprise server 15 SP5
5.14.21-150500.55.116.1
fixed
suse enterprise server 15 SP6
6.4.0-150600.23.65.1
fixed
suse enterprise server 15 SP7
6.4.0-150700.53.11.1
fixed
kernel-obs-build
suse enterprise desktop 15 SP6
6.4.0-150600.23.65.1
fixed
suse enterprise desktop 15 SP7
6.4.0-150700.53.11.1
fixed
suse enterprise sap 15 SP6
6.4.0-150600.23.65.1
fixed
suse enterprise sap 15 SP7
6.4.0-150700.53.11.1
fixed
suse enterprise server 15 SP3
5.3.18-150300.59.218.1
fixed
suse enterprise server 15 SP4
5.14.21-150400.24.173.1
fixed
suse enterprise server 15 SP5
5.14.21-150500.55.116.1
fixed
suse enterprise server 15 SP6
6.4.0-150600.23.65.1
fixed
suse enterprise server 15 SP7
6.4.0-150700.53.11.1
fixed
kernel-preempt
suse enterprise server 15 SP3
5.3.18-150300.59.218.1
fixed
kernel-source
suse enterprise desktop 15 SP6
6.4.0-150600.23.65.1
fixed
suse enterprise desktop 15 SP7
6.4.0-150700.53.11.1
fixed
suse enterprise sap 15 SP6
6.4.0-150600.23.65.1
fixed
suse enterprise sap 15 SP7
6.4.0-150700.53.11.1
fixed
suse enterprise server 15 SP3
5.3.18-150300.59.218.1
fixed
suse enterprise server 15 SP4
5.14.21-150400.24.173.1
fixed
suse enterprise server 15 SP5
5.14.21-150500.55.116.1
fixed
suse enterprise server 15 SP6
6.4.0-150600.23.65.1
fixed
suse enterprise server 15 SP7
6.4.0-150700.53.11.1
fixed
kernel-source-azure
suse enterprise sap 15 SP6
6.4.0-150600.8.48.1
fixed
suse enterprise sap 15 SP7
6.4.0-150700.20.11.1
fixed
suse enterprise server 15 SP6
6.4.0-150600.8.48.1
fixed
suse enterprise server 15 SP7
6.4.0-150700.20.11.1
fixed
kernel-syms
suse enterprise desktop 15 SP6
6.4.0-150600.23.65.1
fixed
suse enterprise desktop 15 SP7
6.4.0-150700.53.11.1
fixed
suse enterprise sap 15 SP6
6.4.0-150600.23.65.1
fixed
suse enterprise sap 15 SP7
6.4.0-150700.53.11.1
fixed
suse enterprise server 15 SP3
5.3.18-150300.59.218.1
fixed
suse enterprise server 15 SP4
5.14.21-150400.24.173.1
fixed
suse enterprise server 15 SP5
5.14.21-150500.55.116.1
fixed
suse enterprise server 15 SP6
6.4.0-150600.23.65.1
fixed
suse enterprise server 15 SP7
6.4.0-150700.53.11.1
fixed
kernel-syms-azure
suse enterprise sap 15 SP6
6.4.0-150600.8.48.1
fixed
suse enterprise sap 15 SP7
6.4.0-150700.20.11.1
fixed
suse enterprise server 15 SP6
6.4.0-150600.8.48.1
fixed
suse enterprise server 15 SP7
6.4.0-150700.20.11.1
fixed
kernel-zfcpdump
suse enterprise desktop 15 SP6
6.4.0-150600.23.65.1
fixed
suse enterprise desktop 15 SP7
6.4.0-150700.53.11.1
fixed
suse enterprise sap 15 SP6
6.4.0-150600.23.65.1
fixed
suse enterprise sap 15 SP7
6.4.0-150700.53.11.1
fixed
suse enterprise server 15 SP3
5.3.18-150300.59.218.1
fixed
suse enterprise server 15 SP4
5.14.21-150400.24.173.1
fixed
suse enterprise server 15 SP5
5.14.21-150500.55.116.1
fixed
suse enterprise server 15 SP6
6.4.0-150600.23.65.1
fixed
suse enterprise server 15 SP7
6.4.0-150700.53.11.1
fixed
ocfs2-kmp-default
suse enterprise server 15 SP5
5.14.21-150500.55.116.1
fixed
reiserfs-kmp-default
suse enterprise server 15 SP3
5.3.18-150300.59.218.1
fixed
suse enterprise server 15 SP4
5.14.21-150400.24.173.1
fixed
suse enterprise server 15 SP5
5.14.21-150500.55.116.1
fixed
Red Hat logo
Red Hat Enterprise Linux Releases
Red Hat Product
Release
kernel
RHEL 9
0:5.14.0-611.35.1.el9_7
fixed
kernel-64k
RHEL 9
0:5.14.0-611.35.1.el9_7
fixed
kernel-64k-core
RHEL 9
0:5.14.0-611.35.1.el9_7
fixed
kernel-64k-debug
RHEL 9
0:5.14.0-611.35.1.el9_7
fixed
kernel-64k-debug-core
RHEL 9
0:5.14.0-611.35.1.el9_7
fixed
kernel-64k-debug-devel
RHEL 9
0:5.14.0-611.35.1.el9_7
fixed
kernel-64k-debug-devel-matched
RHEL 9
0:5.14.0-611.35.1.el9_7
fixed
kernel-64k-debug-modules
RHEL 9
0:5.14.0-611.35.1.el9_7
fixed
kernel-64k-debug-modules-core
RHEL 9
0:5.14.0-611.35.1.el9_7
fixed
kernel-64k-debug-modules-extra
RHEL 9
0:5.14.0-611.35.1.el9_7
fixed
kernel-64k-devel
RHEL 9
0:5.14.0-611.35.1.el9_7
fixed
kernel-64k-devel-matched
RHEL 9
0:5.14.0-611.35.1.el9_7
fixed
kernel-64k-modules
RHEL 9
0:5.14.0-611.35.1.el9_7
fixed
kernel-64k-modules-core
RHEL 9
0:5.14.0-611.35.1.el9_7
fixed
kernel-64k-modules-extra
RHEL 9
0:5.14.0-611.35.1.el9_7
fixed
kernel-abi-stablelists
RHEL 9
0:5.14.0-611.35.1.el9_7
fixed
kernel-core
RHEL 9
0:5.14.0-611.35.1.el9_7
fixed
kernel-debug
RHEL 9
0:5.14.0-611.35.1.el9_7
fixed
kernel-debug-core
RHEL 9
0:5.14.0-611.35.1.el9_7
fixed
kernel-debug-devel
RHEL 9
0:5.14.0-611.35.1.el9_7
fixed
kernel-debug-devel-matched
RHEL 9
0:5.14.0-611.35.1.el9_7
fixed
kernel-debug-modules
RHEL 9
0:5.14.0-611.35.1.el9_7
fixed
kernel-debug-modules-core
RHEL 9
0:5.14.0-611.35.1.el9_7
fixed
kernel-debug-modules-extra
RHEL 9
0:5.14.0-611.35.1.el9_7
fixed
kernel-debug-uki-virt
RHEL 9
0:5.14.0-611.35.1.el9_7
fixed
kernel-devel
RHEL 9
0:5.14.0-611.35.1.el9_7
fixed
kernel-devel-matched
RHEL 9
0:5.14.0-611.35.1.el9_7
fixed
kernel-doc
RHEL 9
0:5.14.0-611.35.1.el9_7
fixed
kernel-modules
RHEL 9
0:5.14.0-611.35.1.el9_7
fixed
kernel-modules-core
RHEL 9
0:5.14.0-611.35.1.el9_7
fixed
kernel-modules-extra
RHEL 9
0:5.14.0-611.35.1.el9_7
fixed
kernel-rt
RHEL 9
0:5.14.0-611.35.1.el9_7
fixed
kernel-rt-64k
RHEL 9
0:5.14.0-611.35.1.el9_7
fixed
kernel-rt-64k-core
RHEL 9
0:5.14.0-611.35.1.el9_7
fixed
kernel-rt-64k-debug
RHEL 9
0:5.14.0-611.35.1.el9_7
fixed
kernel-rt-64k-debug-core
RHEL 9
0:5.14.0-611.35.1.el9_7
fixed
kernel-rt-64k-debug-devel
RHEL 9
0:5.14.0-611.35.1.el9_7
fixed
kernel-rt-64k-debug-modules
RHEL 9
0:5.14.0-611.35.1.el9_7
fixed
kernel-rt-64k-debug-modules-core
RHEL 9
0:5.14.0-611.35.1.el9_7
fixed
kernel-rt-64k-debug-modules-extra
RHEL 9
0:5.14.0-611.35.1.el9_7
fixed
kernel-rt-64k-devel
RHEL 9
0:5.14.0-611.35.1.el9_7
fixed
kernel-rt-64k-modules
RHEL 9
0:5.14.0-611.35.1.el9_7
fixed
kernel-rt-64k-modules-core
RHEL 9
0:5.14.0-611.35.1.el9_7
fixed
kernel-rt-64k-modules-extra
RHEL 9
0:5.14.0-611.35.1.el9_7
fixed
kernel-rt-core
RHEL 9
0:5.14.0-611.35.1.el9_7
fixed
kernel-rt-debug
RHEL 9
0:5.14.0-611.35.1.el9_7
fixed
kernel-rt-debug-core
RHEL 9
0:5.14.0-611.35.1.el9_7
fixed
kernel-rt-debug-devel
RHEL 9
0:5.14.0-611.35.1.el9_7
fixed
kernel-rt-debug-modules
RHEL 9
0:5.14.0-611.35.1.el9_7
fixed
kernel-rt-debug-modules-core
RHEL 9
0:5.14.0-611.35.1.el9_7
fixed
kernel-rt-debug-modules-extra
RHEL 9
0:5.14.0-611.35.1.el9_7
fixed
kernel-rt-devel
RHEL 9
0:5.14.0-611.35.1.el9_7
fixed
kernel-rt-modules
RHEL 9
0:5.14.0-611.35.1.el9_7
fixed
kernel-rt-modules-core
RHEL 9
0:5.14.0-611.35.1.el9_7
fixed
kernel-rt-modules-extra
RHEL 9
0:5.14.0-611.35.1.el9_7
fixed
kernel-tools
RHEL 9
0:5.14.0-611.35.1.el9_7
fixed
kernel-tools-libs
RHEL 9
0:5.14.0-611.35.1.el9_7
fixed
kernel-tools-libs-devel
RHEL 9
0:5.14.0-611.35.1.el9_7
fixed
kernel-uki-virt
RHEL 9
0:5.14.0-611.35.1.el9_7
fixed
kernel-uki-virt-addons
RHEL 9
0:5.14.0-611.35.1.el9_7
fixed
kernel-zfcpdump
RHEL 9
0:5.14.0-611.35.1.el9_7
fixed
kernel-zfcpdump-core
RHEL 9
0:5.14.0-611.35.1.el9_7
fixed
kernel-zfcpdump-devel
RHEL 9
0:5.14.0-611.35.1.el9_7
fixed
kernel-zfcpdump-devel-matched
RHEL 9
0:5.14.0-611.35.1.el9_7
fixed
kernel-zfcpdump-modules
RHEL 9
0:5.14.0-611.35.1.el9_7
fixed
kernel-zfcpdump-modules-core
RHEL 9
0:5.14.0-611.35.1.el9_7
fixed
kernel-zfcpdump-modules-extra
RHEL 9
0:5.14.0-611.35.1.el9_7
fixed
libperf
RHEL 9
0:5.14.0-611.35.1.el9_7
fixed
perf
RHEL 9
0:5.14.0-611.35.1.el9_7
fixed
python3-perf
RHEL 9
0:5.14.0-611.35.1.el9_7
fixed
rtla
RHEL 9
0:5.14.0-611.35.1.el9_7
fixed
rv
RHEL 9
0:5.14.0-611.35.1.el9_7
fixed
Common Weakness Enumeration
References
https://git.kernel.org/stable/c/13d8de1b6568dcc31a95534ced16bc0c9a67bc15
https://git.kernel.org/stable/c/1f3d9724e16d62c7d42c67d6613b8512f2887c22
https://git.kernel.org/stable/c/66e84439ec2af776ce749e8540f8fdd257774152
https://git.kernel.org/stable/c/d3cef0e7a5c1aa6217c51faa9ce8ecac35d6e1fd
https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html