CVE-2025-38206

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2025-38206

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-38206.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2025-38206

Downstream

BELL-CVE-2025-38206

DEBIAN-CVE-2025-38206

SUSE-SU-2025:02849-1

SUSE-SU-2025:02851-1

SUSE-SU-2025:02852-1

SUSE-SU-2025:02853-1

SUSE-SU-2025:02923-1

SUSE-SU-2025:02969-1

SUSE-SU-2025:03023-1

UBUNTU-CVE-2025-38206

Related

Published

2025-07-04T14:15:28Z

Modified

2025-08-09T20:01:26Z

Summary

[none]

Details

In the Linux kernel, the following vulnerability has been resolved:

exfat: fix double free in delayed_free

The double free could happen in the following path.

exfatcreateupcasetable() exfatcreateupcasetable() : return error exfatfreeupcasetable() : free ->volutbl exfatloaddefaultupcasetable : return error exfatkillsb() delayedfree() exfatfreeupcasetable() <--------- double free This patch set ->vol_util as NULL after freeing it.

References

Affected packages