Linux Kernel Vulnerability in User Namespace and Mount Namespace
CVE-2025-38247

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 9 July 2025

What is CVE-2025-38247?

A vulnerability in the Linux kernel allows for potential information leakage through the mishandling of user namespace and mount namespace references. Specifically, in the function open_tree_attr(2), if a positive result is returned from want_mount_setattr(), it improperly holds on to the mnt_userns without ensuring that finish_mount_kattr() is called. Consequently, a failure in do_mount_setattr() does not adequately clean up, leading to a leak of sensitive namespace information, which could be exploited in certain contexts.

Affected Version(s)

Linux c4a16820d90199409c9bf01c4f794e1e9e8d8fd8 < 142db4e76110dd80239f4e79810f85ea1735ad60

Linux c4a16820d90199409c9bf01c4f794e1e9e8d8fd8 < 0748e553df0225754c316a92af3a77fdc057b358

Linux 6.15

References

https://git.kernel.org/stable/c/142db4e76110dd80239f4e798...

https://git.kernel.org/stable/c/0748e553df0225754c316a92a...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 9, 2025
Vulnerability Reserved
Apr 16, 2025