CVE-2025-38498
N/A
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
do_change_type(): refuse to operate on unmounted/not ours mounts
Ensure that propagation settings can only be changed for mounts located in the caller's mount namespace. This change aligns permission checking with the rest of mount(2).
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 07b20889e3052c7e77d6a6a54e7e83446eb1ba84 < 787937c4e373f1722c4343e5a5a4eb0f8543e589 | affected |
| Linux | Linux | 07b20889e3052c7e77d6a6a54e7e83446eb1ba84 < c7d11fdf8e5db5f34a6c062c7e6ba3a0971879d2 | affected |
| Linux | Linux | 07b20889e3052c7e77d6a6a54e7e83446eb1ba84 < 432a171d60056489270c462e651e6c3a13f855b1 | affected |
| Linux | Linux | 07b20889e3052c7e77d6a6a54e7e83446eb1ba84 < 064014f7812744451d5d0592f3d2bcd727f2ee93 | affected |
| Linux | Linux | 07b20889e3052c7e77d6a6a54e7e83446eb1ba84 < 4f091ad0862b02dc42a19a120b7048de848561f8 | affected |
| Linux | Linux | 07b20889e3052c7e77d6a6a54e7e83446eb1ba84 < 9c1ddfeb662b668fff69c5f1cfdd9f5d23d55d23 | affected |
| Linux | Linux | 07b20889e3052c7e77d6a6a54e7e83446eb1ba84 < 19554c79a2095ddde850906a067915c1ef3a4114 | affected |
| Linux | Linux | 07b20889e3052c7e77d6a6a54e7e83446eb1ba84 < 12f147ddd6de7382dad54812e65f3f08d05809fc | affected |
| Linux | Linux | 2.6.15 | affected |
| Linux | Linux | 0 < 2.6.15 | unaffected |
| Linux | Linux | 5.4.295 <= 5.4.* | unaffected |
| Linux | Linux | 5.10.239 <= 5.10.* | unaffected |
| Linux | Linux | 5.15.186 <= 5.15.* | unaffected |
| Linux | Linux | 6.1.142 <= 6.1.* | unaffected |
| Linux | Linux | 6.6.94 <= 6.6.* | unaffected |
| Linux | Linux | 6.12.34 <= 6.12.* | unaffected |
| Linux | Linux | 6.15.3 <= 6.15.* | unaffected |
| Linux | Linux | 6.16 <= * | unaffected |
Weaknesses
ADP Enrichment
CVE Program Container
Additional References
- https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html
- https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html
Additional References
- https://cert-portal.siemens.com/productcert/html/ssa-082556.html
- https://cert-portal.siemens.com/productcert/html/ssa-089022.html
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
- https://git.kernel.org/stable/c/787937c4e373f1722c4343e5a5a4eb0f8543e589
- https://git.kernel.org/stable/c/c7d11fdf8e5db5f34a6c062c7e6ba3a0971879d2
- https://git.kernel.org/stable/c/432a171d60056489270c462e651e6c3a13f855b1
- https://git.kernel.org/stable/c/064014f7812744451d5d0592f3d2bcd727f2ee93
- https://git.kernel.org/stable/c/4f091ad0862b02dc42a19a120b7048de848561f8
- https://git.kernel.org/stable/c/9c1ddfeb662b668fff69c5f1cfdd9f5d23d55d23
- https://git.kernel.org/stable/c/19554c79a2095ddde850906a067915c1ef3a4114
- https://git.kernel.org/stable/c/12f147ddd6de7382dad54812e65f3f08d05809fc
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.