CVE-2025-38692
04.09.2025, 16:15
In the Linux kernel, the following vulnerability has been resolved:
exfat: add cluster chain loop check for dir
An infinite loop may occur if the following conditions occur due to
file system corruption.
(1) Condition for exfat_count_dir_entries() to loop infinitely.
- The cluster chain includes a loop.
- There is no UNUSED entry in the cluster chain.
(2) Condition for exfat_create_upcase_table() to loop infinitely.
- The cluster chain of the root directory includes a loop.
- There are no UNUSED entry and up-case table entry in the cluster
chain of the root directory.
(3) Condition for exfat_load_bitmap() to loop infinitely.
- The cluster chain of the root directory includes a loop.
- There are no UNUSED entry and bitmap entry in the cluster chain
of the root directory.
(4) Condition for exfat_find_dir_entry() to loop infinitely.
- The cluster chain includes a loop.
- The unused directory entries were exhausted by some operation.
(5) Condition for exfat_check_dir_empty() to loop infinitely.
- The cluster chain includes a loop.
- The unused directory entries were exhausted by some operation.
- All files and sub-directories under the directory are deleted.
This commit adds checks to break the above infinite loop.| Vendor | Product | Version |
|---|---|---|
| linux | linux_kernel | 5.7 ≤ 𝑥 < 6.6.103 |
| linux | linux_kernel | 6.7 ≤ 𝑥 < 6.12.43 |
| linux | linux_kernel | 6.13 ≤ 𝑥 < 6.15.11 |
| linux | linux_kernel | 6.16 ≤ 𝑥 < 6.16.2 |
𝑥
= Vulnerable software versions
Debian Releases
Common Weakness Enumeration
References