Linux Kernel Vulnerability in gfs2 Exhash Directory Handling
CVE-2025-38710

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
4 September 2025

What is CVE-2025-38710?

A vulnerability in the gfs2 component of the Linux kernel relates to improper validation of the i_depth for exhash directories. When a fuzzing test creates a scenario resulting in a depth value of zero, it leads to an undefined shift operation. This happens during the reading process of directories, where the incorrectly calculated depth can cause instability and potentially allow for further exploitation. The issue can be mitigated by ensuring depth values do not fall below the minimum threshold, which is determined based on the configuration during the mounting of the filesystem.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux 9a0045088d888c9c539c8c626a366cb52c0fbdab < 53a0249d68a210c16e961b83adfa82f94ee0a53d

Linux 9a0045088d888c9c539c8c626a366cb52c0fbdab

Linux 9a0045088d888c9c539c8c626a366cb52c0fbdab < 9680c58675b82348ab84d387e4fa727f7587e1a0

References

https://git.kernel.org/stable/c/53a0249d68a210c16e961b83a...
https://git.kernel.org/stable/c/b5f46951e62377b6e406fadc1...
https://git.kernel.org/stable/c/9680c58675b82348ab84d387e...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.