Infinite Loop Vulnerability in Linux Kernel exFAT Implementation by Linux Foundation
CVE-2025-38692

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 4 September 2025

What is CVE-2025-38692?

In the exFAT implementation of the Linux kernel, a vulnerability exists that can lead to an infinite loop caused by file system corruption. This happens when the cluster chain contains a loop, and there are no available entries in the cluster. Specifically, several functions such as exfat_count_dir_entries() and exfat_load_bitmap() can get trapped in an infinite loop under certain conditions. This vulnerability highlights the importance of adding checks to detect and break such loops to maintain system stability and integrity.

Affected Version(s)

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 868f23286c1a13162330fa6c614fe350f78e3f82

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

References

https://git.kernel.org/stable/c/868f23286c1a13162330fa6c6...

https://git.kernel.org/stable/c/aa8fe7b7b73d4c9a41bb96cb3...

https://git.kernel.org/stable/c/e2066ca3ef49a30920d8536fa...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 4, 2025
Vulnerability Reserved
Apr 16, 2025