Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2025-38306

Опубликовано: 10 июл. 2025
Источник: nvd
CVSS3: 4.7
EPSS Низкий

Описание

In the Linux kernel, the following vulnerability has been resolved:

fs/fhandle.c: fix a race in call of has_locked_children()

may_decode_fh() is calling has_locked_children() while holding no locks. That's an oopsable race...

The rest of the callers are safe since they are holding namespace_sem and are guaranteed a positive refcount on the mount in question.

Rename the current has_locked_children() to __has_locked_children(), make it static and switch the fs/namespace.c users to it.

Make has_locked_children() a wrapper for __has_locked_children(), calling the latter under read_seqlock_excl(&mount_lock).

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Версия от 6.11 (включая) до 6.12.46 (исключая)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Версия от 6.13 (включая) до 6.15.3 (исключая)

EPSS

Процентиль: 1%
0.00012
Низкий

4.7 Medium

CVSS3

Дефекты

CWE-362

Связанные уязвимости

ubuntu логотип

CVE-2025-38306

CVSS3: 4.7
ubuntu
6 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: fs/fhandle.c: fix a race in call of has_locked_children() may_decode_fh() is calling has_locked_children() while holding no locks. That's an oopsable race... The rest of the callers are safe since they are holding namespace_sem and are guaranteed a positive refcount on the mount in question. Rename the current has_locked_children() to __has_locked_children(), make it static and switch the fs/namespace.c users to it. Make has_locked_children() a wrapper for __has_locked_children(), calling the latter under read_seqlock_excl(&mount_lock).

redhat логотип

CVE-2025-38306

CVSS3: 7
redhat
6 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: fs/fhandle.c: fix a race in call of has_locked_children() may_decode_fh() is calling has_locked_children() while holding no locks. That's an oopsable race... The rest of the callers are safe since they are holding namespace_sem and are guaranteed a positive refcount on the mount in question. Rename the current has_locked_children() to __has_locked_children(), make it static and switch the fs/namespace.c users to it. Make has_locked_children() a wrapper for __has_locked_children(), calling the latter under read_seqlock_excl(&mount_lock).

debian логотип

CVE-2025-38306

CVSS3: 4.7
debian
6 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: f ...

github логотип

GHSA-93m4-3786-5phj

CVSS3: 4.7
github
6 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: fs/fhandle.c: fix a race in call of has_locked_children() may_decode_fh() is calling has_locked_children() while holding no locks. That's an oopsable race... The rest of the callers are safe since they are holding namespace_sem and are guaranteed a positive refcount on the mount in question. Rename the current has_locked_children() to __has_locked_children(), make it static and switch the fs/namespace.c users to it. Make has_locked_children() a wrapper for __has_locked_children(), calling the latter under read_seqlock_excl(&mount_lock).

fstec логотип

BDU:2025-10738

CVSS3: 4.8
fstec
6 месяцев назад

Уязвимость функции has_locked_children ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 1%
0.00012
Низкий

4.7 Medium

CVSS3

Дефекты

CWE-362