DEBIAN-CVE-2025-38302

See a problem?
Please try reporting it to the source first.

Source

https://security-tracker.debian.org/tracker/CVE-2025-38302

Import Source

https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2025-38302.json

JSON Data

https://api.test.osv.dev/v1/vulns/DEBIAN-CVE-2025-38302

Upstream

CVE-2025-38302

Published

2025-07-10T08:15:28Z

Modified

2025-09-19T06:25:05Z

Summary

[none]

Details

In the Linux kernel, the following vulnerability has been resolved: block: don't use submitbionoacctnocheck in blkzonewplugbiowork Bios queued up in the zone write plug have already gone through all all preparation in the submitbio path, including the freeze protection. Submitting them through submitbionoacctnocheck duplicates the work and can can cause deadlocks when freezing a queue with pending bio write plugs. Go straight to ->submitbio or blkmqsubmit_bio to bypass the superfluous extra freeze protection and checks.

References

https://security-tracker.debian.org/tracker/CVE-2025-38302

Affected packages

Debian:13 / linux

Package

Name: linux
Purl: pkg:deb/debian/linux?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

6.12.35-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:14 / linux

Package

Name: linux
Purl: pkg:deb/debian/linux?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

6.12.35-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}