CVE-2025-38698
MEDIUM
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Description
In the Linux kernel, the following vulnerability has been resolved:
jfs: Regular file corruption check
The reproducer builds a corrupted file on disk with a negative i_size value. Add a check when opening this file to avoid subsequent operation failures.
Analysis
A file corruption vulnerability exists in the Linux kernel's JFS (Journaled File System) implementation where a specially crafted file with a negative i_size value on disk can cause system instability and denial of service. The vulnerability affects all versions of the Linux kernel with JFS support, requiring local access and standard user privileges to trigger. An attacker with local file system access can cause file operation failures and system crashes, though the EPSS score of 0.01% indicates this is unlikely to be actively exploited in the wild.
Technical Context
The vulnerability resides in the JFS file system driver within the Linux kernel, which is responsible for managing file metadata during file operations. When a regular file is opened, the kernel reads the inode structure from disk which contains the file size (i_size) attribute; a negative value in this field violates filesystem semantics and causes subsequent kernel operations to fail unpredictably. The issue represents a lack of input validation in the file opening code path (affected CPE: cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*, specifically including kernel versions from 2.6.12 onwards). While no specific CWE is listed, this falls under improper input validation and missing bounds checking categories, allowing corrupted on-disk structures to propagate into kernel memory operations.
Affected Products
The Linux kernel across all supported versions with JFS file system support is affected, specifically including kernel versions from 2.6.12 onwards as indicated by the CPE strings cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*. Patches have been applied to multiple stable kernel branches as evidenced by the kernel.org commit references (commits 00462be586b3, 02edcfda4191, 2d04df8116426, 6bc86f1d7d54, 78989af5bbf5, 9605cb2ea38b, 9ad054cd2c4c, 9f896c3d0192, and fd9454b7710b). Linux distributions that have incorporated these fixes include Debian (see debian-lts-announce/2025/10/msg00007.html and msg00008.html). Affected deployments using JFS as the primary or secondary file system should prioritize updates.
Remediation
Apply kernel updates from your distribution's package manager that include the JFS corruption fix. For users running affected kernel versions, upgrade to a patched stable release that includes one of the nine commits referenced in the kernel.org repositories (commits starting with 00462be5, 02edcfda, 2d04df81, 6bc86f1d, 78989af5, 9605cb2e, 9ad054cd, 9f896c3d, or fd9454b7). Debian LTS users should review security advisories at lists.debian.org/debian-lts-announce/2025/10/ for recommended versions. Until patching is completed, restrict local user access to systems using JFS and disable JFS mounting if not required; for production systems, verify file system integrity using fsck.jfs before bringing systems into production. Monitor system logs for file operation errors that may indicate exploitation attempts.