Linux Kernel Vulnerability in ext4 Handling Symlink Inodes
CVE-2025-38220

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
4 July 2025

What is CVE-2025-38220?

A vulnerability has been identified in the Linux kernel's ext4 filesystem affecting the handling of symlink inodes. When processing a symlink inode from the orphan list during a truncation operation, a NULL pointer dereference may occur due to improper management of dirty folios in data journaling for regular files. This flaw can lead to a system crash, evidenced by error messages indicating a kernel NULL pointer dereference. To rectify this issue, it's essential to update the ext4_dirty_journalled_data() helper to only mark dirty the folios of regular files where appropriate operations are assigned, thus aligning with existing journaling logic.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux d84c9ebdac1e39bc7b036c0c829ee8c1956edabc

Linux d84c9ebdac1e39bc7b036c0c829ee8c1956edabc

Linux d84c9ebdac1e39bc7b036c0c829ee8c1956edabc

References

https://git.kernel.org/stable/c/cf6a4c4ac7b6e3214f25df594...
https://git.kernel.org/stable/c/be5f3061a6f904e3674257879...
https://git.kernel.org/stable/c/d7af6eee8cd60f55aa8c5fe2b...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.