File Type Validation Issue in Linux Kernel's nilfs2 File System
CVE-2025-38663

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
22 August 2025

What is CVE-2025-38663?

A vulnerability in the nilfs2 file system of the Linux kernel allows invalid file types to be processed when reading inodes, potentially leading to malfunctions and assertion failures. This issue can cause the virtualization file system (vfs) to improperly handle inode data, resulting in filesystem errors that may affect system stability and performance. A proper sanity check has been introduced to reject invalid file types, ensuring more robust and secure file handling within the system.

Affected Version(s)

Linux 05fe58fdc10df9ebea04c0eaed57adc47af5c184 < 1a5c204e175a78556b8ef1f7683249fa5197295a

Linux 05fe58fdc10df9ebea04c0eaed57adc47af5c184

Linux 05fe58fdc10df9ebea04c0eaed57adc47af5c184 < 79663a15a1c70ca84f86f2dbba07b423fe7d5d4f

References

https://git.kernel.org/stable/c/1a5c204e175a78556b8ef1f76...
https://git.kernel.org/stable/c/bf585ee198bba4ff25b0d80a0...
https://git.kernel.org/stable/c/79663a15a1c70ca84f86f2dbb...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2025-38663 : File Type Validation Issue in Linux Kernel's nilfs2 File System