-
CVE-2025-38411
- EPSS 0.03%
- Published 25.07.2025 14:15:32
- Last modified 25.07.2025 15:29:19
- Source 416baaa9-dc9f-4396-8d5f-8c081f
- Teams watchlist Login
- Open Login
In the Linux kernel, the following vulnerability has been resolved: netfs: Fix double put of request If a netfs request finishes during the pause loop, it will have the ref that belongs to the IN_PROGRESS flag removed at that point - however, if it then goes to the final wait loop, that will *also* put the ref because it sees that the IN_PROGRESS flag is clear and incorrectly assumes that this happened when it called the collector. In fact, since IN_PROGRESS is clear, we shouldn't call the collector again since it's done all the cleanup, such as calling ->ki_complete(). Fix this by making netfs_collect_in_app() just return, indicating that we're done if IN_PROGRESS is removed.
Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
This information is available to logged-in users. Login
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
VendorLinux
≫
Product
Linux
Default Statusunaffected
Version <
d18facba5a5795ad44b2a00a052e3db2fa77ab12
Version
329ba1cb402ac328224965b8fc7a554a5150908e
Status
affected
Version <
9df7b5ebead649b00bf9a53a798e4bf83a1318fd
Version
2b1424cd131cfaba4cf7040473133d26cddac088
Status
affected
VendorLinux
≫
Product
Linux
Default Statusunaffected
Version <
6.15.6
Version
6.15.3
Status
affected
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.03% | 0.064 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|