Linux Kernel Vulnerability in User Namespace and Mount Namespace
CVE-2025-38247

Currently unrated

Key Information:

Vendor

Linux

Status
Vendor
CVE Published:
9 July 2025

What is CVE-2025-38247?

A vulnerability in the Linux kernel allows for potential information leakage through the mishandling of user namespace and mount namespace references. Specifically, in the function open_tree_attr(2), if a positive result is returned from want_mount_setattr(), it improperly holds on to the mnt_userns without ensuring that finish_mount_kattr() is called. Consequently, a failure in do_mount_setattr() does not adequately clean up, leading to a leak of sensitive namespace information, which could be exploited in certain contexts.

Affected Version(s)

Linux c4a16820d90199409c9bf01c4f794e1e9e8d8fd8 < 142db4e76110dd80239f4e79810f85ea1735ad60

Linux c4a16820d90199409c9bf01c4f794e1e9e8d8fd8 < 0748e553df0225754c316a92af3a77fdc057b358

Linux 6.15

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2025-38247 : Linux Kernel Vulnerability in User Namespace and Mount Namespace