{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2025-38663","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2025-04-16T04:51:24.031Z","datePublished":"2025-08-22T16:02:55.856Z","dateUpdated":"2026-05-11T21:32:34.224Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2026-05-11T21:32:34.224Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: reject invalid file types when reading inodes\n\nTo prevent inodes with invalid file types from tripping through the vfs\nand causing malfunctions or assertion failures, add a missing sanity check\nwhen reading an inode from a block device.  If the file type is not valid,\ntreat it as a filesystem error."}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["fs/nilfs2/inode.c"],"versions":[{"version":"05fe58fdc10df9ebea04c0eaed57adc47af5c184","lessThan":"dd298c0b889acd3ecaf48b6e840c9ab91882e342","status":"affected","versionType":"git"},{"version":"05fe58fdc10df9ebea04c0eaed57adc47af5c184","lessThan":"2cf0c4130bf340be3935d097a3dcbfefdcf65815","status":"affected","versionType":"git"},{"version":"05fe58fdc10df9ebea04c0eaed57adc47af5c184","lessThan":"98872a934ea6a95985fb6a3655a78a5f0c114e82","status":"affected","versionType":"git"},{"version":"05fe58fdc10df9ebea04c0eaed57adc47af5c184","lessThan":"1a5c204e175a78556b8ef1f7683249fa5197295a","status":"affected","versionType":"git"},{"version":"05fe58fdc10df9ebea04c0eaed57adc47af5c184","lessThan":"bf585ee198bba4ff25b0d80a0891df4656cb0d08","status":"affected","versionType":"git"},{"version":"05fe58fdc10df9ebea04c0eaed57adc47af5c184","lessThan":"79663a15a1c70ca84f86f2dbba07b423fe7d5d4f","status":"affected","versionType":"git"},{"version":"05fe58fdc10df9ebea04c0eaed57adc47af5c184","lessThan":"42cd46b3a8b1497b9258dc7ac445dbd6beb73e2f","status":"affected","versionType":"git"},{"version":"05fe58fdc10df9ebea04c0eaed57adc47af5c184","lessThan":"4aead50caf67e01020c8be1945c3201e8a972a27","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["fs/nilfs2/inode.c"],"versions":[{"version":"2.6.30","status":"affected"},{"version":"0","lessThan":"2.6.30","status":"unaffected","versionType":"semver"},{"version":"5.4.297","lessThanOrEqual":"5.4.*","status":"unaffected","versionType":"semver"},{"version":"5.10.241","lessThanOrEqual":"5.10.*","status":"unaffected","versionType":"semver"},{"version":"5.15.190","lessThanOrEqual":"5.15.*","status":"unaffected","versionType":"semver"},{"version":"6.1.148","lessThanOrEqual":"6.1.*","status":"unaffected","versionType":"semver"},{"version":"6.6.101","lessThanOrEqual":"6.6.*","status":"unaffected","versionType":"semver"},{"version":"6.12.41","lessThanOrEqual":"6.12.*","status":"unaffected","versionType":"semver"},{"version":"6.15.9","lessThanOrEqual":"6.15.*","status":"unaffected","versionType":"semver"},{"version":"6.16","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.30","versionEndExcluding":"5.4.297"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.30","versionEndExcluding":"5.10.241"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.30","versionEndExcluding":"5.15.190"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.30","versionEndExcluding":"6.1.148"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.30","versionEndExcluding":"6.6.101"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.30","versionEndExcluding":"6.12.41"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.30","versionEndExcluding":"6.15.9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.30","versionEndExcluding":"6.16"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/dd298c0b889acd3ecaf48b6e840c9ab91882e342"},{"url":"https://git.kernel.org/stable/c/2cf0c4130bf340be3935d097a3dcbfefdcf65815"},{"url":"https://git.kernel.org/stable/c/98872a934ea6a95985fb6a3655a78a5f0c114e82"},{"url":"https://git.kernel.org/stable/c/1a5c204e175a78556b8ef1f7683249fa5197295a"},{"url":"https://git.kernel.org/stable/c/bf585ee198bba4ff25b0d80a0891df4656cb0d08"},{"url":"https://git.kernel.org/stable/c/79663a15a1c70ca84f86f2dbba07b423fe7d5d4f"},{"url":"https://git.kernel.org/stable/c/42cd46b3a8b1497b9258dc7ac445dbd6beb73e2f"},{"url":"https://git.kernel.org/stable/c/4aead50caf67e01020c8be1945c3201e8a972a27"}],"title":"nilfs2: reject invalid file types when reading inodes","x_generator":{"engine":"bippy-1.2.0"}},"adp":[{"title":"CVE Program Container","references":[{"url":"https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html"},{"url":"https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html"}],"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2025-11-03T17:40:48.469Z"}}]}}