Len Overflow Vulnerability in ext4 Filesystem of Linux Kernel
CVE-2025-38222

Currently unrated

Key Information:

Vendor: Linux

Status
Vendor
CVE Published: 4 July 2025

What is CVE-2025-38222?

A length (len) overflow vulnerability exists in the ext4 filesystem of the Linux kernel, in the code that manages inline data. During write operations, the length parameter is truncated in the data preparation phase, so a call to ext4_prepare_inline_data may receive an inaccurate length. This leads to runtime errors when attempting to write past the allocated inline data size. The issue can disrupt system stability and data integrity, so system administrators and users should make sure affected systems are updated.

Affected Version(s)

Linux f19d5870cbf72d4cb2a8e1f749dff97af99b071e

Linux f19d5870cbf72d4cb2a8e1f749dff97af99b071e < 717414a8c083c376d4a8940a1230fe0c6ed4ee00

Linux f19d5870cbf72d4cb2a8e1f749dff97af99b071e < 9d1d1c5bf4fc1af76be154d3afb2acdbd89ec7d8

Timeline

  • Vulnerability published

  • Vulnerability Reserved
