CVE-2025-22076

5.5 MEDIUM
Published: April 16, 2025 Modified: October 31, 2025
View on NVD

Description

In the Linux kernel, the following vulnerability has been resolved: exfat: fix missing shutdown check xfstests generic/730 test failed because after deleting the device that still had dirty data, the file could still be read without returning an error. The reason is the missing shutdown check in ->read_iter. I also noticed that shutdown checks were missing from ->write_iter, ->splice_read, and ->mmap. This commit adds shutdown checks to all of them.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

CVSS v3.x Details

0.0 Low Medium High Critical 10.0
Vector String
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
https://git.kernel.org/stable/c/47e35366bc6fa3cf189a8305bce63992495f3efa
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
https://git.kernel.org/stable/c/4a9595eb024b8319957c178be3cdeed613ac0795
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
https://git.kernel.org/stable/c/539147585ca453db6e3d7a5cf3b9c9690513762d
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
https://git.kernel.org/stable/c/e41e33eb795cb9c1ead6ac627d8710546fac6e81
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch

4 reference(s) from NVD

Quick Stats

CVSS v3 Score
5.5 / 10.0
EPSS (Exploit Probability)
0.0%
5th percentile
Exploitation Status
Not in CISA KEV

Affected Vendors

linux