CVE-2025-37863

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2025-37863
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-37863.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2025-37863
Downstream
Published
2025-05-09T06:43:54.250Z
Modified
2025-11-16T16:53:51.618733Z
Summary
ovl: don't allow datadir only
Details

In the Linux kernel, the following vulnerability has been resolved:

ovl: don't allow datadir only

In theory overlayfs could support upper layer directly referring to a data layer, but there's no current use case for this.

Originally, when data-only layers were introduced, this wasn't allowed, only introduced by the "datadir+" feature, but without actually handling this case, resulting in an Oops.

Fix by disallowing datadir without lowerdir.

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
cc0918b3582c98f12cfb30bf7496496d14bff3e9
Fixed
0874b629f65320778e7e3e206177770666d9db18
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
24e16e385f2272b1a9df51337a5c32d28a29c7ad
Fixed
b9e3579213ba648fa23f780e8d53e99011c62331
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
24e16e385f2272b1a9df51337a5c32d28a29c7ad
Fixed
21d2ffb0e9838a175064c22f3a9de97d1f56f27d
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
24e16e385f2272b1a9df51337a5c32d28a29c7ad
Fixed
eb3a04a8516ee9b5174379306f94279fc90424c4

Affected versions

v6.*

v6.10
v6.10-rc1
v6.10-rc2
v6.10-rc3
v6.10-rc4
v6.10-rc5
v6.10-rc6
v6.10-rc7
v6.11
v6.11-rc1
v6.11-rc2
v6.11-rc3
v6.11-rc4
v6.11-rc5
v6.11-rc6
v6.11-rc7
v6.12
v6.12-rc1
v6.12-rc2
v6.12-rc3
v6.12-rc4
v6.12-rc5
v6.12-rc6
v6.12-rc7
v6.12.1
v6.12.10
v6.12.11
v6.12.12
v6.12.13
v6.12.14
v6.12.15
v6.12.16
v6.12.17
v6.12.18
v6.12.19
v6.12.2
v6.12.20
v6.12.21
v6.12.22
v6.12.23
v6.12.24
v6.12.3
v6.12.4
v6.12.5
v6.12.6
v6.12.7
v6.12.8
v6.12.9
v6.13
v6.13-rc1
v6.13-rc2
v6.13-rc3
v6.13-rc4
v6.13-rc5
v6.13-rc6
v6.13-rc7
v6.14
v6.14-rc1
v6.14-rc2
v6.14-rc3
v6.14-rc4
v6.14-rc5
v6.14-rc6
v6.14-rc7
v6.14.1
v6.14.2
v6.14.3
v6.15-rc1
v6.6.23
v6.6.24
v6.6.25
v6.6.26
v6.6.27
v6.6.28
v6.6.29
v6.6.30
v6.6.31
v6.6.32
v6.6.33
v6.6.34
v6.6.35
v6.6.36
v6.6.37
v6.6.38
v6.6.39
v6.6.40
v6.6.41
v6.6.42
v6.6.43
v6.6.44
v6.6.45
v6.6.46
v6.6.47
v6.6.48
v6.6.49
v6.6.50
v6.6.51
v6.6.52
v6.6.53
v6.6.54
v6.6.55
v6.6.56
v6.6.57
v6.6.58
v6.6.59
v6.6.60
v6.6.61
v6.6.62
v6.6.63
v6.6.64
v6.6.65
v6.6.66
v6.6.67
v6.6.68
v6.6.69
v6.6.70
v6.6.71
v6.6.72
v6.6.73
v6.6.74
v6.6.75
v6.6.76
v6.6.77
v6.6.78
v6.6.79
v6.6.80
v6.6.81
v6.6.82
v6.6.83
v6.6.84
v6.6.85
v6.6.86
v6.6.87
v6.7
v6.7-rc1
v6.7-rc2
v6.7-rc3
v6.7-rc4
v6.7-rc5
v6.7-rc6
v6.7-rc7
v6.7-rc8
v6.8
v6.8-rc1
v6.8-rc2
v6.8-rc3
v6.8-rc4
v6.8-rc5
v6.8-rc6
v6.8-rc7
v6.9
v6.9-rc1
v6.9-rc2
v6.9-rc3
v6.9-rc4
v6.9-rc5
v6.9-rc6
v6.9-rc7

Database specific

vanir_signatures

[
    {
        "digest": {
            "function_hash": "30454129787400404652862575956404285882",
            "length": 1231.0
        },
        "deprecated": false,
        "signature_version": "v1",
        "id": "CVE-2025-37863-49087981",
        "target": {
            "file": "fs/overlayfs/super.c",
            "function": "ovl_get_lowerstack"
        },
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@21d2ffb0e9838a175064c22f3a9de97d1f56f27d",
        "signature_type": "Function"
    },
    {
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "210311947937344973077478459723627170128",
                "263716533778551302290672421685575162227",
                "292938365297328827220626744396098549396"
            ]
        },
        "deprecated": false,
        "signature_version": "v1",
        "id": "CVE-2025-37863-533d5370",
        "target": {
            "file": "fs/overlayfs/super.c"
        },
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@eb3a04a8516ee9b5174379306f94279fc90424c4",
        "signature_type": "Line"
    },
    {
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "210311947937344973077478459723627170128",
                "263716533778551302290672421685575162227",
                "292938365297328827220626744396098549396"
            ]
        },
        "deprecated": false,
        "signature_version": "v1",
        "id": "CVE-2025-37863-68eca5f1",
        "target": {
            "file": "fs/overlayfs/super.c"
        },
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@21d2ffb0e9838a175064c22f3a9de97d1f56f27d",
        "signature_type": "Line"
    },
    {
        "digest": {
            "function_hash": "30454129787400404652862575956404285882",
            "length": 1231.0
        },
        "deprecated": false,
        "signature_version": "v1",
        "id": "CVE-2025-37863-858814f4",
        "target": {
            "file": "fs/overlayfs/super.c",
            "function": "ovl_get_lowerstack"
        },
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@0874b629f65320778e7e3e206177770666d9db18",
        "signature_type": "Function"
    },
    {
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "210311947937344973077478459723627170128",
                "263716533778551302290672421685575162227",
                "292938365297328827220626744396098549396"
            ]
        },
        "deprecated": false,
        "signature_version": "v1",
        "id": "CVE-2025-37863-bdd86e40",
        "target": {
            "file": "fs/overlayfs/super.c"
        },
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@b9e3579213ba648fa23f780e8d53e99011c62331",
        "signature_type": "Line"
    },
    {
        "digest": {
            "function_hash": "30454129787400404652862575956404285882",
            "length": 1231.0
        },
        "deprecated": false,
        "signature_version": "v1",
        "id": "CVE-2025-37863-bec239cf",
        "target": {
            "file": "fs/overlayfs/super.c",
            "function": "ovl_get_lowerstack"
        },
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@b9e3579213ba648fa23f780e8d53e99011c62331",
        "signature_type": "Function"
    },
    {
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "210311947937344973077478459723627170128",
                "263716533778551302290672421685575162227",
                "292938365297328827220626744396098549396"
            ]
        },
        "deprecated": false,
        "signature_version": "v1",
        "id": "CVE-2025-37863-d5ce8d54",
        "target": {
            "file": "fs/overlayfs/super.c"
        },
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@0874b629f65320778e7e3e206177770666d9db18",
        "signature_type": "Line"
    },
    {
        "digest": {
            "function_hash": "30454129787400404652862575956404285882",
            "length": 1231.0
        },
        "deprecated": false,
        "signature_version": "v1",
        "id": "CVE-2025-37863-de09e7b0",
        "target": {
            "file": "fs/overlayfs/super.c",
            "function": "ovl_get_lowerstack"
        },
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@eb3a04a8516ee9b5174379306f94279fc90424c4",
        "signature_type": "Function"
    }
]

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
6.6.88
Type
ECOSYSTEM
Events
Introduced
6.7.0
Fixed
6.12.25
Type
ECOSYSTEM
Events
Introduced
6.7.0
Fixed
6.14.4