CVE-2025-38058
Published: Jun 18, 2025
Modified: May 12, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: __legitimize_mnt(): check for MNT_SYNC_UMOUNT should be under mount_lock ... or we risk stealing final mntput from sync umount - raising mnt_count after umount(2) has verified that victim is not busy, but before it has set MNT_SYNC_UMOUNT; in that case __legitimize_mnt() doesn't see that it's safe to quietly undo mnt_count increment and leaves dropping the reference to caller, where it'll be a full-blown mntput(). Check under mount_lock is needed; leaving the current one done before taking that makes no sense - it's nowhere near common enough to bother with.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected 48a066e72d970a3e225a9c18690d570c736fc455 - < 628fb00195ce21a90cf9e4e3d105cd9e58f77b40affected 48a066e72d970a3e225a9c18690d570c736fc455 - < b89eb56a378b7b2c1176787fc228d0a57172bdd5affected 48a066e72d970a3e225a9c18690d570c736fc455 - < f6d45fd92f62845cbd1eb5128fd8f0ed7d0c5a42affected 48a066e72d970a3e225a9c18690d570c736fc455 - < 9b0915e72b3cf52474dcee0b24a2f99d93e604a3affected 48a066e72d970a3e225a9c18690d570c736fc455 - < d8ece4ced3b051e656c77180df2e69e19e24edc1+3 more versions |
Linux | Linux | affected 3.13unaffected 0 - < 3.13unaffected 5.4.294 - <= 5.4.*unaffected 5.10.238 - <= 5.10.*unaffected 5.15.185 - <= 5.15.*+5 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now