Slab Out-of-Bounds Vulnerability in Linux Kernel Affecting HFS
CVE-2025-38715

Currently unrated

Key Information:

Vendor: Linux

CVE Published: 4 September 2025

What is CVE-2025-38715?

A vulnerability has been identified in the Linux kernel's HFS handling, where improper management of bnode reads can lead to slab out-of-bounds access. The fix introduces two helpers, is_bnode_offset_valid() and check_and_correct_requested_length(), which validate any requested offset and length before the access is attempted. The patch is intended to prevent potential crashes and memory corruption, improving the stability and security of the kernel's HFS functionality.
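The validate-then-clamp pattern described above, as an added userspace example that is not the kernel's code. The struct, the function names and bodies, and the sample node are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-in for an HFS b-tree node; not the kernel struct. */
struct model_bnode {
    uint32_t node_size;   /* bytes of valid node data */
    const uint8_t *data;  /* backing buffer, node_size bytes long */
};

/* Constructed sample node: 16 bytes holding the values 0..15. */
static const uint8_t sample[16] = {0, 1, 2, 3, 4, 5, 6, 7,
                                   8, 9, 10, 11, 12, 13, 14, 15};
static const struct model_bnode sample_node = {16, sample};

/* Reject any offset that does not fall inside the node. */
static int offset_valid(const struct model_bnode *n, uint32_t off)
{
    return off < n->node_size;
}

/* Clamp len so off + len never passes the end of the node. Using a
 * subtraction avoids the wrap-around that "off + len > size" allows. */
static uint32_t correct_length(const struct model_bnode *n,
                               uint32_t off, uint32_t len)
{
    uint32_t room = n->node_size - off; /* safe: off < node_size here */
    return len > room ? room : len;
}

/* Checked read: returns the number of bytes actually copied into dst. */
uint32_t model_bnode_read(const struct model_bnode *n, void *dst,
                          uint32_t off, uint32_t len)
{
    if (!offset_valid(n, off))
        return 0;
    len = correct_length(n, off, len);
    memcpy(dst, n->data + off, len);
    return len;
}

int main(void)
{
    uint8_t out[16];
    printf("in range: %u\n", (unsigned)model_bnode_read(&sample_node, out, 4, 4));
    printf("bad offset: %u\n", (unsigned)model_bnode_read(&sample_node, out, 16, 4));
    printf("clamped: %u\n", (unsigned)model_bnode_read(&sample_node, out, 12, 8));
    return 0;
}
```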

Affected Version(s)

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 67ecc81f6492275c9c54280532f558483c99c90e



Timeline

  • Vulnerability published

  • Vulnerability Reserved
