CVE-2025-38204

Published: Jul 4, 2025

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: jfs: fix array-index-out-of-bounds read in add_missing_indices stbl is s8 but it must contain offsets into slot which can go from 0 to 127. Added a bound check for that error and return -EIO if the check fails. Also make jfs_readdir return with error if add_missing_indices returns with an error.

Vendor	Product	Versions
Linux	Linux	affected `1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - < 81af4b34fd72d390d7f237c6a545cc6d09707956` affected `1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - < bfa4655d28f338e68d345aed80d19be7999bbce2` affected `1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - < 44618bee303bed151ef3a525ff79fbd7689593b5` affected `1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - < c8399564a58fb6ea2ff21a6fd278417943cb51a5` affected `1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - < 5dff41a86377563f7a2b968aae00d25b4ceb37c9`
Linux	Linux	affected `2.6.12` unaffected `0 - < 2.6.12` unaffected `5.4.295 - <= 5.4.` unaffected `5.10.239 - <= 5.10.` unaffected `5.15.186 - <= 5.15.*` +2 more versions

References

https://git.kernel.org/stable/c/81af4b34fd72d390d7f237c6a545cc6d09707956

https://git.kernel.org/stable/c/bfa4655d28f338e68d345aed80d19be7999bbce2

https://git.kernel.org/stable/c/44618bee303bed151ef3a525ff79fbd7689593b5

https://git.kernel.org/stable/c/c8399564a58fb6ea2ff21a6fd278417943cb51a5

https://git.kernel.org/stable/c/5dff41a86377563f7a2b968aae00d25b4ceb37c9

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-38204

Description

Affected Products

References