CVE-2025-38697

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2025-38697
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-38697.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2025-38697
Downstream
Related
Published
2025-09-04T15:32:49.848Z
Modified
2026-03-20T12:42:58.702944Z
Summary
jfs: upper bound check of tree index in dbAllocAG
Details

In the Linux kernel, the following vulnerability has been resolved:

jfs: upper bound check of tree index in dbAllocAG

When computing the tree index in dbAllocAG, we never check if we are out of bounds realative to the size of the stree. This could happen in a scenario where the filesystem metadata are corrupted.

Database specific 
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/38xxx/CVE-2025-38697.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Fixed
5bdb9553fb134fd52ec208a8b378120670f6e784
Fixed
a4f199203f79ca9cd7355799ccb26800174ff093
Fixed
1467a75819e41341cd5ebd16faa2af1ca3c8f4fe
Fixed
49ea46d9025aa1914b24ea957636cbe4367a7311
Fixed
173cfd741ad7073640bfb7e2344c2a0ee005e769
Fixed
c8ca21a2836993d7cb816668458e05e598574e55
Fixed
2dd05f09cc323018136a7ecdb3d1007be9ede27f
Fixed
30e19a884c0b11f33821aacda7e72e914bec26ef
Fixed
c214006856ff52a8ff17ed8da52d50601d54f9ce

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-38697.json"