CVE-2025-38306

Published: Jul 10, 2025

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: fs/fhandle.c: fix a race in call of has_locked_children() may_decode_fh() is calling has_locked_children() while holding no locks. That's an oopsable race... The rest of the callers are safe since they are holding namespace_sem and are guaranteed a positive refcount on the mount in question. Rename the current has_locked_children() to __has_locked_children(), make it static and switch the fs/namespace.c users to it. Make has_locked_children() a wrapper for __has_locked_children(), calling the latter under read_seqlock_excl(&mount_lock).

Vendor	Product	Versions
Linux	Linux	affected `620c266f394932e5decc4b34683a75dfc59dc2f4 - < 6482c3dccbfb8d20e2856ce67c75856859930b3f` affected `620c266f394932e5decc4b34683a75dfc59dc2f4 - < 287c7d34eedd37af1272dfb3b6e8656f4f026424` affected `620c266f394932e5decc4b34683a75dfc59dc2f4 - < 1f282cdc1d219c4a557f7009e81bc792820d9d9a`
Linux	Linux	affected `6.11` unaffected `0 - < 6.11` unaffected `6.12.46 - <= 6.12.` unaffected `6.15.3 - <= 6.15.` unaffected `6.16 - <= *`

References

https://git.kernel.org/stable/c/6482c3dccbfb8d20e2856ce67c75856859930b3f

https://git.kernel.org/stable/c/287c7d34eedd37af1272dfb3b6e8656f4f026424

https://git.kernel.org/stable/c/1f282cdc1d219c4a557f7009e81bc792820d9d9a

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-38306

Description

Affected Products

References