Vulnerability Database

318,756

Total vulnerabilities in the database

CVE-2025-38663

In the Linux kernel, the following vulnerability has been resolved:

nilfs2: reject invalid file types when reading inodes

To prevent inodes with invalid file types from tripping through the vfs and causing malfunctions or assertion failures, add a missing sanity check when reading an inode from a block device. If the file type is not valid, treat it as a filesystem error.

  • Published: Aug 22, 2025
  • Updated: Jan 8, 2026
  • CVE: CVE-2025-38663
  • Severity: Medium
  • Exploit:

CVSS v3:

  • Severity: Medium
  • Score: 5.5
  • AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

No CWE or OWASP classifications available.

Software From Fixed in
linux / linux_kernel 2.6.30 5.4.297
linux / linux_kernel 5.5 5.10.241
linux / linux_kernel 5.11 5.15.190
linux / linux_kernel 5.16 6.1.148
linux / linux_kernel 6.2 6.6.101
linux / linux_kernel 6.7 6.12.41
linux / linux_kernel 6.13 6.15.9
linux / linux_kernel 6.16-rc1 6.16-rc1.x
linux / linux_kernel 6.16-rc2 6.16-rc2.x
linux / linux_kernel 6.16-rc3 6.16-rc3.x
linux / linux_kernel 6.16-rc4 6.16-rc4.x
linux / linux_kernel 6.16-rc5 6.16-rc5.x
linux / linux_kernel 6.16-rc6 6.16-rc6.x
linux / linux_kernel 6.16-rc7 6.16-rc7.x
debian / debian_linux 11.0 11.0.x