fkie_cve-2025-38698
Vulnerability from fkie_nvd
Published
2025-09-04 16:15
Modified
2025-11-03 18:16
Severity ?
Summary
In the Linux kernel, the following vulnerability has been resolved: jfs: Regular file corruption check The reproducer builds a corrupted file on disk with a negative i_size value. Add a check when opening this file to avoid subsequent operation failures.
References
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/00462be586b33076f8b8023e7ba697deedc131db
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/02edcfda419168d9405bffe55f18ea9c1bf92366
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/2d04df8116426b6c7b9f8b9b371250f666a2a2fb
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/6bc86f1d7d5419d5b19483ba203ca0b760c41c51
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/78989af5bbf55a0cf1165b0fa73921bc02f1543b
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/9605cb2ea38ba014d0e704cba0dbbb00593fa9fd
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/9ad054cd2c4ca8c371e555748832aa217c41fc65
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/9f896c3d0192241d6438be6963682ace8203f502
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/fd9454b7710b28060faa49b041f8283c435721a3
af854a3a-2127-422b-91ae-364da2661108https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html
af854a3a-2127-422b-91ae-364da2661108https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html
Impacted products
Vendor Product Version


To clipboard 

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: Regular file corruption check\n\nThe reproducer builds a corrupted file on disk with a negative i_size value.\nAdd a check when opening this file to avoid subsequent operation failures."
    }
  ],
  "id": "CVE-2025-38698",
  "lastModified": "2025-11-03T18:16:35.890",
  "metrics": {},
  "published": "2025-09-04T16:15:38.370",
  "references": [
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/00462be586b33076f8b8023e7ba697deedc131db"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/02edcfda419168d9405bffe55f18ea9c1bf92366"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/2d04df8116426b6c7b9f8b9b371250f666a2a2fb"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/6bc86f1d7d5419d5b19483ba203ca0b760c41c51"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/78989af5bbf55a0cf1165b0fa73921bc02f1543b"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/9605cb2ea38ba014d0e704cba0dbbb00593fa9fd"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/9ad054cd2c4ca8c371e555748832aa217c41fc65"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/9f896c3d0192241d6438be6963682ace8203f502"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/fd9454b7710b28060faa49b041f8283c435721a3"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html"
    }
  ],
  "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
  "vulnStatus": "Awaiting Analysis"
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.