CVE-2025-38615
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2025-38615
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-38615.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2025-38615
- Downstream
- Related
- Published
- 2025-08-19T17:15:40Z
- Modified
- 2025-09-06T13:01:49Z
- Summary
- [none]
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
fs/ntfs3: cancle set bad inode after removing name fails
The reproducer uses a file0 on a ntfs3 file system with a corrupted i_link. When renaming, the file0's inode is marked as a bad inode because the file name cannot be deleted.
The underlying bug is that makebadinode() is called on a live inode. In some cases it's "icache lookup finds a normal inode, dsplicealias() is called to attach it to dentry, while another thread decides to call makebadinode() on it - that would evict it from icache, but we'd already found it there earlier". In some it's outright "we have an inode attached to dentry - that's how we got it in the first place; let's call makebadinode() on it just for shits and giggles".
- References
-
- https://git.kernel.org/stable/c/358d4f821c03add421a4c49290538a705852ccf1
- https://git.kernel.org/stable/c/3ed2cc6a6e93fbeb8c0cafce1e7fb1f64a331dcc
- https://git.kernel.org/stable/c/a285395020780adac1ffbc844069c3d700bf007a
- https://git.kernel.org/stable/c/b35a50d639ca5259466ef5fea85529bb4fb17d5b
- https://git.kernel.org/stable/c/d99208b91933fd2a58ed9ed321af07dacd06ddc3