CVE-2025-38220

EPSS 0.03%
Published 04.07.2025 13:37:36
Last modified 08.07.2025 16:18:53
Source 416baaa9-dc9f-4396-8d5f-8c081f
Teams watchlist Login
Open Login

In the Linux kernel, the following vulnerability has been resolved:

ext4: only dirty folios when data journaling regular files

fstest generic/388 occasionally reproduces a crash that looks as
follows:

BUG: kernel NULL pointer dereference, address: 0000000000000000
...
Call Trace:
 <TASK>
 ext4_block_zero_page_range+0x30c/0x380 [ext4]
 ext4_truncate+0x436/0x440 [ext4]
 ext4_process_orphan+0x5d/0x110 [ext4]
 ext4_orphan_cleanup+0x124/0x4f0 [ext4]
 ext4_fill_super+0x262d/0x3110 [ext4]
 get_tree_bdev_flags+0x132/0x1d0
 vfs_get_tree+0x26/0xd0
 vfs_cmd_create+0x59/0xe0
 __do_sys_fsconfig+0x4ed/0x6b0
 do_syscall_64+0x82/0x170
 ...

This occurs when processing a symlink inode from the orphan list. The
partial block zeroing code in the truncate path calls
ext4_dirty_journalled_data() -> folio_mark_dirty(). The latter calls
mapping->a_ops->dirty_folio(), but symlink inodes are not assigned an
a_ops vector in ext4, hence the crash.

To avoid this problem, update the ext4_dirty_journalled_data() helper to
only mark the folio dirty on regular files (for which a_ops is
assigned). This also matches the journaling logic in the ext4_symlink()
creation path, where ext4_handle_dirty_metadata() is called directly.

Affected products Warnungen 0 Metrics 1 CWE 0 References 7

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

This information is available to logged-in users.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

VendorLinux

≫

Product Linux

Default Statusunaffected

Version < cf6a4c4ac7b6e3214f25df594c9689a62f1bb456

Version d84c9ebdac1e39bc7b036c0c829ee8c1956edabc

Status affected

Version < be5f3061a6f904e3674257879e71881ceee5b673

Version d84c9ebdac1e39bc7b036c0c829ee8c1956edabc

Status affected

Version < d7af6eee8cd60f55aa8c5fe2b91f11ec0c9a0f27

Version d84c9ebdac1e39bc7b036c0c829ee8c1956edabc

Status affected

Version < e26268ff1dcae5662c1b96c35f18cfa6ab73d9de

Version d84c9ebdac1e39bc7b036c0c829ee8c1956edabc

Status affected

VendorLinux

≫

Product Linux

Default Statusaffected

Version 6.4

Status affected

Version < 6.4

Version 0

Status unaffected

Version <= 6.6.*

Version 6.6.95

Status unaffected

Version <= 6.12.*

Version 6.12.35

Status unaffected

Version <= 6.15.*

Version 6.15.4

Status unaffected

Version <= *

Version 6.16

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.03%	0.057

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string

https://git.kernel.org/stable/c/cf6a4c4ac7b6e3214f25df594c9689a62f1bb456

https://git.kernel.org/stable/c/be5f3061a6f904e3674257879e71881ceee5b673

https://git.kernel.org/stable/c/d7af6eee8cd60f55aa8c5fe2b91f11ec0c9a0f27

https://git.kernel.org/stable/c/e26268ff1dcae5662c1b96c35f18cfa6ab73d9de

https://nvd.nist.gov/vuln/detail/CVE-2025-38220

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-38220

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-38220

EUVD