CVE-2025-38692
- Source
- https://cve.org/CVERecord?id=CVE-2025-38692
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-38692.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2025-38692
- Downstream
- Related
- Published
- 2025-09-04T15:32:46.004Z
- Modified
- 2026-03-20T12:42:58.690186Z
- Summary
- exfat: add cluster chain loop check for dir
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
exfat: add cluster chain loop check for dir
An infinite loop may occur if the following conditions occur due to file system corruption.
(1) Condition for exfatcountdir_entries() to loop infinitely. - The cluster chain includes a loop. - There is no UNUSED entry in the cluster chain.
(2) Condition for exfatcreateupcase_table() to loop infinitely. - The cluster chain of the root directory includes a loop. - There are no UNUSED entry and up-case table entry in the cluster chain of the root directory.
(3) Condition for exfatloadbitmap() to loop infinitely. - The cluster chain of the root directory includes a loop. - There are no UNUSED entry and bitmap entry in the cluster chain of the root directory.
(4) Condition for exfatfinddir_entry() to loop infinitely. - The cluster chain includes a loop. - The unused directory entries were exhausted by some operation.
(5) Condition for exfatcheckdir_empty() to loop infinitely. - The cluster chain includes a loop. - The unused directory entries were exhausted by some operation. - All files and sub-directories under the directory are deleted.
This commit adds checks to break the above infinite loop.
- Database specific
{ "cna_assigner": "Linux", "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/38xxx/CVE-2025-38692.json" }- References
-
- https://git.kernel.org/stable/c/4c3cda20c4cf1871e27868d08fda06b79bc7d568
- https://git.kernel.org/stable/c/868f23286c1a13162330fa6c614fe350f78e3f82
- https://git.kernel.org/stable/c/99f9a97dce39ad413c39b92c90393bbd6778f3fd
- https://git.kernel.org/stable/c/aa8fe7b7b73d4c9a41bb96cb3fb3092f794ecb33
- https://git.kernel.org/stable/c/e2066ca3ef49a30920d8536fa366b2a183a808ee
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/38xxx/CVE-2025-38692.json
- https://nvd.nist.gov/vuln/detail/CVE-2025-38692
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced1acf1a564b6034b5af1e7fb23cb98cb3bb4f6003Fixed868f23286c1a13162330fa6c614fe350f78e3f82Fixedaa8fe7b7b73d4c9a41bb96cb3fb3092f794ecb33Fixede2066ca3ef49a30920d8536fa366b2a183a808eeFixed4c3cda20c4cf1871e27868d08fda06b79bc7d568Fixed99f9a97dce39ad413c39b92c90393bbd6778f3fd