CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-38172

In the Linux kernel, the following vulnerability has been resolved: erofs: avoid using multiple devices with different type For multiple devices, both primary and extra devices should be the same type. `erofs_init_device` has already guaranteed that if the primary is a file-backed device, extra devices should also be regular files. However, if the primary is a block device while the extra device is a file-backed device, `erofs_init_device` will get an ENOTBLK, which is not treated as an error in `erofs_fc_get_tree`, and that leads to an UAF: erofs_fc_get_tree get_tree_bdev_flags(erofs_fc_fill_super) erofs_read_superblock erofs_init_device // sbi->dif0 is not inited yet, // return -ENOTBLK deactivate_locked_super free(sbi) if (err is -ENOTBLK) sbi->dif0.file = filp_open() // sbi UAF So if -ENOTBLK is hitted in `erofs_init_device`, it means the primary device must be a block device, and the extra device is not a block device. The error can be converted to -EINVAL.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 15.9%

CVSS Severity

CVSS v3 Score 7.8

References

Products affected by CVE-2025-38172

Linux » Linux Kernel » Version: 6.12

cpe:2.3:o:linux:linux_kernel:6.12
Linux » Linux Kernel » Version: 6.12.1

cpe:2.3:o:linux:linux_kernel:6.12.1
Linux » Linux Kernel » Version: 6.12.10

cpe:2.3:o:linux:linux_kernel:6.12.10
Linux » Linux Kernel » Version: 6.12.11

cpe:2.3:o:linux:linux_kernel:6.12.11
Linux » Linux Kernel » Version: 6.12.12

cpe:2.3:o:linux:linux_kernel:6.12.12
Linux » Linux Kernel » Version: 6.12.13

cpe:2.3:o:linux:linux_kernel:6.12.13
Linux » Linux Kernel » Version: 6.12.14

cpe:2.3:o:linux:linux_kernel:6.12.14
Linux » Linux Kernel » Version: 6.12.15

cpe:2.3:o:linux:linux_kernel:6.12.15
Linux » Linux Kernel » Version: 6.12.16

cpe:2.3:o:linux:linux_kernel:6.12.16
Linux » Linux Kernel » Version: 6.12.17

cpe:2.3:o:linux:linux_kernel:6.12.17
Linux » Linux Kernel » Version: 6.12.18

cpe:2.3:o:linux:linux_kernel:6.12.18
Linux » Linux Kernel » Version: 6.12.19

cpe:2.3:o:linux:linux_kernel:6.12.19
Linux » Linux Kernel » Version: 6.12.2

cpe:2.3:o:linux:linux_kernel:6.12.2
Linux » Linux Kernel » Version: 6.12.20

cpe:2.3:o:linux:linux_kernel:6.12.20
Linux » Linux Kernel » Version: 6.12.21

cpe:2.3:o:linux:linux_kernel:6.12.21
Linux » Linux Kernel » Version: 6.12.22

cpe:2.3:o:linux:linux_kernel:6.12.22
Linux » Linux Kernel » Version: 6.12.23

cpe:2.3:o:linux:linux_kernel:6.12.23
Linux » Linux Kernel » Version: 6.12.24

cpe:2.3:o:linux:linux_kernel:6.12.24
Linux » Linux Kernel » Version: 6.12.25

cpe:2.3:o:linux:linux_kernel:6.12.25
Linux » Linux Kernel » Version: 6.12.26

cpe:2.3:o:linux:linux_kernel:6.12.26
Linux » Linux Kernel » Version: 6.12.27

cpe:2.3:o:linux:linux_kernel:6.12.27
Linux » Linux Kernel » Version: 6.12.28

cpe:2.3:o:linux:linux_kernel:6.12.28
Linux » Linux Kernel » Version: 6.12.29

cpe:2.3:o:linux:linux_kernel:6.12.29
Linux » Linux Kernel » Version: 6.12.3

cpe:2.3:o:linux:linux_kernel:6.12.3
Linux » Linux Kernel » Version: 6.12.30

cpe:2.3:o:linux:linux_kernel:6.12.30
Linux » Linux Kernel » Version: 6.12.31

cpe:2.3:o:linux:linux_kernel:6.12.31
Linux » Linux Kernel » Version: 6.12.32

cpe:2.3:o:linux:linux_kernel:6.12.32
Linux » Linux Kernel » Version: 6.12.33

cpe:2.3:o:linux:linux_kernel:6.12.33
Linux » Linux Kernel » Version: 6.12.4

cpe:2.3:o:linux:linux_kernel:6.12.4
Linux » Linux Kernel » Version: 6.12.5

cpe:2.3:o:linux:linux_kernel:6.12.5
Linux » Linux Kernel » Version: 6.12.6

cpe:2.3:o:linux:linux_kernel:6.12.6
Linux » Linux Kernel » Version: 6.12.7

cpe:2.3:o:linux:linux_kernel:6.12.7
Linux » Linux Kernel » Version: 6.12.8

cpe:2.3:o:linux:linux_kernel:6.12.8
Linux » Linux Kernel » Version: 6.12.9

cpe:2.3:o:linux:linux_kernel:6.12.9
Linux » Linux Kernel » Version: 6.13

cpe:2.3:o:linux:linux_kernel:6.13
Linux » Linux Kernel » Version: 6.13.1

cpe:2.3:o:linux:linux_kernel:6.13.1
Linux » Linux Kernel » Version: 6.13.10

cpe:2.3:o:linux:linux_kernel:6.13.10
Linux » Linux Kernel » Version: 6.13.11

cpe:2.3:o:linux:linux_kernel:6.13.11
Linux » Linux Kernel » Version: 6.13.12

cpe:2.3:o:linux:linux_kernel:6.13.12
Linux » Linux Kernel » Version: 6.13.2

cpe:2.3:o:linux:linux_kernel:6.13.2
Linux » Linux Kernel » Version: 6.13.3

cpe:2.3:o:linux:linux_kernel:6.13.3
Linux » Linux Kernel » Version: 6.13.4

cpe:2.3:o:linux:linux_kernel:6.13.4
Linux » Linux Kernel » Version: 6.13.5

cpe:2.3:o:linux:linux_kernel:6.13.5
Linux » Linux Kernel » Version: 6.13.6

cpe:2.3:o:linux:linux_kernel:6.13.6
Linux » Linux Kernel » Version: 6.13.7

cpe:2.3:o:linux:linux_kernel:6.13.7
Linux » Linux Kernel » Version: 6.13.8

cpe:2.3:o:linux:linux_kernel:6.13.8
Linux » Linux Kernel » Version: 6.13.9

cpe:2.3:o:linux:linux_kernel:6.13.9
Linux » Linux Kernel » Version: 6.14

cpe:2.3:o:linux:linux_kernel:6.14
Linux » Linux Kernel » Version: 6.14.1

cpe:2.3:o:linux:linux_kernel:6.14.1
Linux » Linux Kernel » Version: 6.14.10

cpe:2.3:o:linux:linux_kernel:6.14.10
Linux » Linux Kernel » Version: 6.14.11

cpe:2.3:o:linux:linux_kernel:6.14.11
Linux » Linux Kernel » Version: 6.14.2

cpe:2.3:o:linux:linux_kernel:6.14.2
Linux » Linux Kernel » Version: 6.14.3

cpe:2.3:o:linux:linux_kernel:6.14.3
Linux » Linux Kernel » Version: 6.14.4

cpe:2.3:o:linux:linux_kernel:6.14.4
Linux » Linux Kernel » Version: 6.14.5

cpe:2.3:o:linux:linux_kernel:6.14.5
Linux » Linux Kernel » Version: 6.14.6

cpe:2.3:o:linux:linux_kernel:6.14.6
Linux » Linux Kernel » Version: 6.14.7

cpe:2.3:o:linux:linux_kernel:6.14.7
Linux » Linux Kernel » Version: 6.14.8

cpe:2.3:o:linux:linux_kernel:6.14.8
Linux » Linux Kernel » Version: 6.14.9

cpe:2.3:o:linux:linux_kernel:6.14.9
Linux » Linux Kernel » Version: 6.15

cpe:2.3:o:linux:linux_kernel:6.15
Linux » Linux Kernel » Version: 6.15.1

cpe:2.3:o:linux:linux_kernel:6.15.1
Linux » Linux Kernel » Version: 6.15.2

cpe:2.3:o:linux:linux_kernel:6.15.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-38172

Products

Pricing

Contact Us