We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2025-38058

__legitimize_mnt(): check for MNT_SYNC_UMOUNT should be under mount_lock



Description

In the Linux kernel, the following vulnerability has been resolved: __legitimize_mnt(): check for MNT_SYNC_UMOUNT should be under mount_lock ... or we risk stealing final mntput from sync umount - raising mnt_count after umount(2) has verified that victim is not busy, but before it has set MNT_SYNC_UMOUNT; in that case __legitimize_mnt() doesn't see that it's safe to quietly undo mnt_count increment and leaves dropping the reference to caller, where it'll be a full-blown mntput(). Check under mount_lock is needed; leaving the current one done before taking that makes no sense - it's nowhere near common enough to bother with.

Reserved 2025-04-16 | Published 2025-06-18 | Updated 2025-06-18 | Assigner Linux

Product status

Default status
unaffected

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before 628fb00195ce21a90cf9e4e3d105cd9e58f77b40
affected

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before b89eb56a378b7b2c1176787fc228d0a57172bdd5
affected

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before f6d45fd92f62845cbd1eb5128fd8f0ed7d0c5a42
affected

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before 9b0915e72b3cf52474dcee0b24a2f99d93e604a3
affected

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before d8ece4ced3b051e656c77180df2e69e19e24edc1
affected

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before 8cafd7266fa02e0863bacbf872fe635c0b9725eb
affected

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before b55996939c71a3e1a38f3cdc6a8859797efc9083
affected

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before 250cf3693060a5f803c5f1ddc082bb06b16112a9
affected

Default status
affected

5.4.294
unaffected

5.10.238
unaffected

5.15.185
unaffected

6.1.141
unaffected

6.6.93
unaffected

6.12.31
unaffected

6.14.9
unaffected

6.15
unaffected

References

git.kernel.org/...c/628fb00195ce21a90cf9e4e3d105cd9e58f77b40

git.kernel.org/...c/b89eb56a378b7b2c1176787fc228d0a57172bdd5

git.kernel.org/...c/f6d45fd92f62845cbd1eb5128fd8f0ed7d0c5a42

git.kernel.org/...c/9b0915e72b3cf52474dcee0b24a2f99d93e604a3

git.kernel.org/...c/d8ece4ced3b051e656c77180df2e69e19e24edc1

git.kernel.org/...c/8cafd7266fa02e0863bacbf872fe635c0b9725eb

git.kernel.org/...c/b55996939c71a3e1a38f3cdc6a8859797efc9083

git.kernel.org/...c/250cf3693060a5f803c5f1ddc082bb06b16112a9

cve.org (CVE-2025-38058)

nvd.nist.gov (CVE-2025-38058)

Download JSON

Share this page
https://cve.threatint.eu/CVE/CVE-2025-38058

Support options

Helpdesk Chat, Email, Knowledgebase
© Copyright 2025 THREATINT
Made in Cyprus with +
 System status
Find us on
Data Privacy
Terms of Use
Logo BSI Allianz für Cyber-Sicherheit
Error loading Crisp.chat. Please check your web content filter and browser plugins.