Mount Management Vulnerability in Linux Kernel
CVE-2025-38058

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 18 June 2025

What is CVE-2025-38058?

A vulnerability in the Linux kernel's mount management functionality could allow an unauthorized modification of references during the unmounting process. Specifically, the lack of proper locking around the legitimize_mnt() function can lead to potential inconsistencies in resource management. This occurs when the mounting count is incremented after a validation check allows access to a memory that should ideally be protected. The oversight poses risks for system stability and can create avenues for further exploitation if left unaddressed.

Affected Version(s)

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 628fb00195ce21a90cf9e4e3d105cd9e58f77b40

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

References

https://git.kernel.org/stable/c/628fb00195ce21a90cf9e4e3d...

https://git.kernel.org/stable/c/b89eb56a378b7b2c1176787fc...

https://git.kernel.org/stable/c/f6d45fd92f62845cbd1eb5128...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 18, 2025
Vulnerability Reserved
Apr 16, 2025