Vulnerability Database

318,756

Total vulnerabilities in the database

CVE-2025-38058

In the Linux kernel, the following vulnerability has been resolved:

__legitimize_mnt(): check for MNT_SYNC_UMOUNT should be under mount_lock

... or we risk stealing final mntput from sync umount - raising mnt_count after umount(2) has verified that victim is not busy, but before it has set MNT_SYNC_UMOUNT; in that case __legitimize_mnt() doesn't see that it's safe to quietly undo mnt_count increment and leaves dropping the reference to caller, where it'll be a full-blown mntput().

Check under mount_lock is needed; leaving the current one done before taking that makes no sense - it's nowhere near common enough to bother with.

  • Published: Jun 18, 2025
  • Updated: Dec 19, 2025
  • CVE: CVE-2025-38058
  • Severity: Medium
  • Exploit:

CVSS v3:

  • Severity: Medium
  • Score: 5.5
  • AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWEs:

Software From Fixed in
linux / linux_kernel - 5.4.294
linux / linux_kernel 5.5 5.10.238
linux / linux_kernel 5.11 5.15.185
linux / linux_kernel 5.16 6.1.141
linux / linux_kernel 6.2 6.6.93
linux / linux_kernel 6.7 6.12.31
linux / linux_kernel 6.13 6.14.9
linux / linux_kernel 6.15-rc1 6.15-rc1.x
linux / linux_kernel 6.15-rc2 6.15-rc2.x
linux / linux_kernel 6.15-rc3 6.15-rc3.x
linux / linux_kernel 6.15-rc4 6.15-rc4.x
linux / linux_kernel 6.15-rc5 6.15-rc5.x
debian / debian_linux 11.0 11.0.x