{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-38697", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2025-04-16T04:51:24.032Z", "datePublished": "2025-09-04T15:32:49.848Z", "dateUpdated": "2025-09-04T15:32:49.848Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-09-04T15:32:49.848Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: upper bound check of tree index in dbAllocAG\n\nWhen computing the tree index in dbAllocAG, we never check if we are\nout of bounds realative to the size of the stree.\nThis could happen in a scenario where the filesystem metadata are\ncorrupted."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["fs/jfs/jfs_dmap.c"], "versions": [{"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "5bdb9553fb134fd52ec208a8b378120670f6e784", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "a4f199203f79ca9cd7355799ccb26800174ff093", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "1467a75819e41341cd5ebd16faa2af1ca3c8f4fe", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "49ea46d9025aa1914b24ea957636cbe4367a7311", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "173cfd741ad7073640bfb7e2344c2a0ee005e769", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "c8ca21a2836993d7cb816668458e05e598574e55", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "2dd05f09cc323018136a7ecdb3d1007be9ede27f", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "30e19a884c0b11f33821aacda7e72e914bec26ef", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "c214006856ff52a8ff17ed8da52d50601d54f9ce", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["fs/jfs/jfs_dmap.c"], "versions": [{"version": "5.4.297", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.241", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.190", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.149", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.103", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.12.43", "lessThanOrEqual": "6.12.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.15.11", "lessThanOrEqual": "6.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.16.2", "lessThanOrEqual": "6.16.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.17-rc1", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "5.4.297"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "5.10.241"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "5.15.190"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "6.1.149"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "6.6.103"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "6.12.43"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "6.15.11"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "6.16.2"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "6.17-rc1"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/5bdb9553fb134fd52ec208a8b378120670f6e784"}, {"url": "https://git.kernel.org/stable/c/a4f199203f79ca9cd7355799ccb26800174ff093"}, {"url": "https://git.kernel.org/stable/c/1467a75819e41341cd5ebd16faa2af1ca3c8f4fe"}, {"url": "https://git.kernel.org/stable/c/49ea46d9025aa1914b24ea957636cbe4367a7311"}, {"url": "https://git.kernel.org/stable/c/173cfd741ad7073640bfb7e2344c2a0ee005e769"}, {"url": "https://git.kernel.org/stable/c/c8ca21a2836993d7cb816668458e05e598574e55"}, {"url": "https://git.kernel.org/stable/c/2dd05f09cc323018136a7ecdb3d1007be9ede27f"}, {"url": "https://git.kernel.org/stable/c/30e19a884c0b11f33821aacda7e72e914bec26ef"}, {"url": "https://git.kernel.org/stable/c/c214006856ff52a8ff17ed8da52d50601d54f9ce"}], "title": "jfs: upper bound check of tree index in dbAllocAG", "x_generator": {"engine": "bippy-1.2.0"}}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: upper bound check of tree index in dbAllocAG\n\nWhen computing the tree index in dbAllocAG, we never check if we are\nout of bounds realative to the size of the stree.\nThis could happen in a scenario where the filesystem metadata are\ncorrupted."}], "id": "CVE-2025-38697", "lastModified": "2025-09-05T17:47:24.833", "metrics": {}, "published": "2025-09-04T16:15:38.210", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/1467a75819e41341cd5ebd16faa2af1ca3c8f4fe"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/173cfd741ad7073640bfb7e2344c2a0ee005e769"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/2dd05f09cc323018136a7ecdb3d1007be9ede27f"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/30e19a884c0b11f33821aacda7e72e914bec26ef"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/49ea46d9025aa1914b24ea957636cbe4367a7311"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/5bdb9553fb134fd52ec208a8b378120670f6e784"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/a4f199203f79ca9cd7355799ccb26800174ff093"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/c214006856ff52a8ff17ed8da52d50601d54f9ce"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/c8ca21a2836993d7cb816668458e05e598574e55"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Awaiting Analysis"}

{"bugzilla": {"description": "kernel: jfs: upper bound check of tree index in dbAllocAG", "id": "2393182", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2393182"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.0", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "status": "draft"}, "details": ["No description is available for this CVE."], "name": "CVE-2025-38697", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2025-09-04T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2025-38697\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-38697\nhttps://lore.kernel.org/linux-cve-announce/2025090451-CVE-2025-38697-b37e@gregkh/T"], "threat_severity": "Moderate"}