CVE-2025-38382
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2025-38382
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-38382.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2025-38382
- Downstream
- Related
- Published
- 2025-07-25T13:15:27Z
- Modified
- 2025-08-12T21:01:18Z
- Summary
- [none]
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
btrfs: fix iteration of extrefs during log replay
At _inodeaddref() when processing extrefs, if we jump into the next label we have an undefined value of victimname.len, since we haven't initialized it before we did the goto. This results in an invalid memory access in the next iteration of the loop since victim_name.len was not initialized to the length of the name of the current extref.
Fix this by initializing victim_name.len with the current extref's name length.
- References
-
- https://git.kernel.org/stable/c/2d11d274e2e1d7c79e2ca8461ce3ff3a95c11171
- https://git.kernel.org/stable/c/539969fc472886a1d63565459514d47e27fef461
- https://git.kernel.org/stable/c/54a7081ed168b72a8a2d6ef4ba3a1259705a2926
- https://git.kernel.org/stable/c/7ac790dc2ba00499a8d671d4a24de4d4ad27e234
- https://git.kernel.org/stable/c/aee57a0293dca675637e5504709f9f8fd8e871be