CVE-2025-22076

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2025-22076
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-22076.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2025-22076
Downstream
Published
2025-04-16T14:12:27.214Z
Modified
2025-11-20T09:02:59.023725Z
Summary
exfat: fix missing shutdown check
Details

In the Linux kernel, the following vulnerability has been resolved:

exfat: fix missing shutdown check

xfstests generic/730 test failed because after deleting the device that still had dirty data, the file could still be read without returning an error. The reason is the missing shutdown check in ->read_iter.

I also noticed that shutdown checks were missing from ->writeiter, ->spliceread, and ->mmap. This commit adds shutdown checks to all of them.

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
f761fcdd289d07e8547fef7ac76c3760fc7803f2
Fixed
4a9595eb024b8319957c178be3cdeed613ac0795
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
f761fcdd289d07e8547fef7ac76c3760fc7803f2
Fixed
e41e33eb795cb9c1ead6ac627d8710546fac6e81
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
f761fcdd289d07e8547fef7ac76c3760fc7803f2
Fixed
539147585ca453db6e3d7a5cf3b9c9690513762d
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
f761fcdd289d07e8547fef7ac76c3760fc7803f2
Fixed
47e35366bc6fa3cf189a8305bce63992495f3efa

Affected versions

v6.*

v6.12
v6.12-rc1
v6.12-rc2
v6.12-rc3
v6.12-rc4
v6.12-rc5
v6.12-rc6
v6.12-rc7
v6.12.1
v6.12.10
v6.12.11
v6.12.12
v6.12.13
v6.12.14
v6.12.15
v6.12.16
v6.12.17
v6.12.18
v6.12.19
v6.12.2
v6.12.20
v6.12.21
v6.12.22
v6.12.3
v6.12.4
v6.12.5
v6.12.6
v6.12.7
v6.12.8
v6.12.9
v6.13
v6.13-rc1
v6.13-rc2
v6.13-rc3
v6.13-rc4
v6.13-rc5
v6.13-rc6
v6.13-rc7
v6.13.1
v6.13.10
v6.13.2
v6.13.3
v6.13.4
v6.13.5
v6.13.6
v6.13.7
v6.13.8
v6.13.9
v6.14
v6.14-rc1
v6.14-rc2
v6.14-rc3
v6.14-rc4
v6.14-rc5
v6.14-rc6
v6.14-rc7
v6.14.1

Database specific

vanir_signatures

[
    {
        "deprecated": false,
        "target": {
            "file": "fs/exfat/file.c",
            "function": "exfat_file_mmap"
        },
        "digest": {
            "function_hash": "219314374347214602290907305462484203166",
            "length": 131.0
        },
        "id": "CVE-2025-22076-19480176",
        "signature_type": "Function",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@e41e33eb795cb9c1ead6ac627d8710546fac6e81",
        "signature_version": "v1"
    },
    {
        "deprecated": false,
        "target": {
            "file": "fs/exfat/file.c",
            "function": "exfat_file_mmap"
        },
        "digest": {
            "function_hash": "219314374347214602290907305462484203166",
            "length": 131.0
        },
        "id": "CVE-2025-22076-357b321e",
        "signature_type": "Function",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@539147585ca453db6e3d7a5cf3b9c9690513762d",
        "signature_version": "v1"
    },
    {
        "deprecated": false,
        "target": {
            "file": "fs/exfat/file.c"
        },
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "8527038598521190561084082763531308168",
                "22228219516540132634698785118220868648",
                "228340439065873288011772612491421246042",
                "4735871652928905499226374489181482404",
                "219236878879139704713401150382452806592",
                "21948714589058821169481614685983528163",
                "121234777575206603668185433222052205785",
                "236194992442560694863657216162967197449",
                "333435944465952065569573615693659659101",
                "261840389887407337435413450053428116986",
                "285355536607397914042370476444026551788",
                "34503179109544985805809293891736525287",
                "126958332345944817692718630487229828693",
                "93367199962677010665982554041973098525",
                "77956216721679536982973666045163501444",
                "220859239908378399208212019786038494511",
                "323178363234944300376110897025724230353",
                "29734214081850991130084813445231886292",
                "306618015989338984601219008071548034514",
                "308745367821743611053144292726556629145",
                "100142919423557694656723339754526155239"
            ]
        },
        "id": "CVE-2025-22076-565c9894",
        "signature_type": "Line",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@4a9595eb024b8319957c178be3cdeed613ac0795",
        "signature_version": "v1"
    },
    {
        "deprecated": false,
        "target": {
            "file": "fs/exfat/file.c"
        },
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "8527038598521190561084082763531308168",
                "22228219516540132634698785118220868648",
                "228340439065873288011772612491421246042",
                "4735871652928905499226374489181482404",
                "219236878879139704713401150382452806592",
                "21948714589058821169481614685983528163",
                "121234777575206603668185433222052205785",
                "236194992442560694863657216162967197449",
                "333435944465952065569573615693659659101",
                "261840389887407337435413450053428116986",
                "285355536607397914042370476444026551788",
                "34503179109544985805809293891736525287",
                "126958332345944817692718630487229828693",
                "93367199962677010665982554041973098525",
                "77956216721679536982973666045163501444",
                "220859239908378399208212019786038494511",
                "323178363234944300376110897025724230353",
                "29734214081850991130084813445231886292",
                "306618015989338984601219008071548034514",
                "308745367821743611053144292726556629145",
                "100142919423557694656723339754526155239"
            ]
        },
        "id": "CVE-2025-22076-5a8ba549",
        "signature_type": "Line",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@e41e33eb795cb9c1ead6ac627d8710546fac6e81",
        "signature_version": "v1"
    },
    {
        "deprecated": false,
        "target": {
            "file": "fs/exfat/file.c",
            "function": "exfat_file_write_iter"
        },
        "digest": {
            "function_hash": "84087745729147164755227300750280625999",
            "length": 1096.0
        },
        "id": "CVE-2025-22076-5c245f2c",
        "signature_type": "Function",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@539147585ca453db6e3d7a5cf3b9c9690513762d",
        "signature_version": "v1"
    },
    {
        "deprecated": false,
        "target": {
            "file": "fs/exfat/file.c",
            "function": "exfat_file_mmap"
        },
        "digest": {
            "function_hash": "219314374347214602290907305462484203166",
            "length": 131.0
        },
        "id": "CVE-2025-22076-758a2697",
        "signature_type": "Function",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@47e35366bc6fa3cf189a8305bce63992495f3efa",
        "signature_version": "v1"
    },
    {
        "deprecated": false,
        "target": {
            "file": "fs/exfat/file.c"
        },
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "8527038598521190561084082763531308168",
                "22228219516540132634698785118220868648",
                "228340439065873288011772612491421246042",
                "4735871652928905499226374489181482404",
                "219236878879139704713401150382452806592",
                "21948714589058821169481614685983528163",
                "121234777575206603668185433222052205785",
                "236194992442560694863657216162967197449",
                "333435944465952065569573615693659659101",
                "261840389887407337435413450053428116986",
                "285355536607397914042370476444026551788",
                "34503179109544985805809293891736525287",
                "126958332345944817692718630487229828693",
                "93367199962677010665982554041973098525",
                "77956216721679536982973666045163501444",
                "220859239908378399208212019786038494511",
                "323178363234944300376110897025724230353",
                "29734214081850991130084813445231886292",
                "306618015989338984601219008071548034514",
                "308745367821743611053144292726556629145",
                "100142919423557694656723339754526155239"
            ]
        },
        "id": "CVE-2025-22076-7f4b01b0",
        "signature_type": "Line",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@47e35366bc6fa3cf189a8305bce63992495f3efa",
        "signature_version": "v1"
    },
    {
        "deprecated": false,
        "target": {
            "file": "fs/exfat/file.c",
            "function": "exfat_file_write_iter"
        },
        "digest": {
            "function_hash": "84087745729147164755227300750280625999",
            "length": 1096.0
        },
        "id": "CVE-2025-22076-811e2517",
        "signature_type": "Function",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@4a9595eb024b8319957c178be3cdeed613ac0795",
        "signature_version": "v1"
    },
    {
        "deprecated": false,
        "target": {
            "file": "fs/exfat/file.c"
        },
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "8527038598521190561084082763531308168",
                "22228219516540132634698785118220868648",
                "228340439065873288011772612491421246042",
                "4735871652928905499226374489181482404",
                "219236878879139704713401150382452806592",
                "21948714589058821169481614685983528163",
                "121234777575206603668185433222052205785",
                "236194992442560694863657216162967197449",
                "333435944465952065569573615693659659101",
                "261840389887407337435413450053428116986",
                "285355536607397914042370476444026551788",
                "34503179109544985805809293891736525287",
                "126958332345944817692718630487229828693",
                "93367199962677010665982554041973098525",
                "77956216721679536982973666045163501444",
                "220859239908378399208212019786038494511",
                "323178363234944300376110897025724230353",
                "29734214081850991130084813445231886292",
                "306618015989338984601219008071548034514",
                "308745367821743611053144292726556629145",
                "100142919423557694656723339754526155239"
            ]
        },
        "id": "CVE-2025-22076-908c6e46",
        "signature_type": "Line",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@539147585ca453db6e3d7a5cf3b9c9690513762d",
        "signature_version": "v1"
    },
    {
        "deprecated": false,
        "target": {
            "file": "fs/exfat/file.c",
            "function": "exfat_file_write_iter"
        },
        "digest": {
            "function_hash": "84087745729147164755227300750280625999",
            "length": 1096.0
        },
        "id": "CVE-2025-22076-c8c955fe",
        "signature_type": "Function",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@e41e33eb795cb9c1ead6ac627d8710546fac6e81",
        "signature_version": "v1"
    },
    {
        "deprecated": false,
        "target": {
            "file": "fs/exfat/file.c",
            "function": "exfat_file_write_iter"
        },
        "digest": {
            "function_hash": "84087745729147164755227300750280625999",
            "length": 1096.0
        },
        "id": "CVE-2025-22076-e481b991",
        "signature_type": "Function",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@47e35366bc6fa3cf189a8305bce63992495f3efa",
        "signature_version": "v1"
    },
    {
        "deprecated": false,
        "target": {
            "file": "fs/exfat/file.c",
            "function": "exfat_file_mmap"
        },
        "digest": {
            "function_hash": "219314374347214602290907305462484203166",
            "length": 131.0
        },
        "id": "CVE-2025-22076-ff6a1797",
        "signature_type": "Function",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@4a9595eb024b8319957c178be3cdeed613ac0795",
        "signature_version": "v1"
    }
]

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
6.12.0
Fixed
6.12.23
Type
ECOSYSTEM
Events
Introduced
6.13.0
Fixed
6.13.11
Type
ECOSYSTEM
Events
Introduced
6.14.0
Fixed
6.14.2