CVE-2025-38140
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-07-03

Last updated on: 2025-11-20

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: dm: limit swapping tables for devices with zone write plugs dm_revalidate_zones() only allowed new or previously unzoned devices to call blk_revalidate_disk_zones(). If the device was already zoned, disk->nr_zones would always equal md->nr_zones, so dm_revalidate_zones() returned without doing any work. This would make the zoned settings for the device not match the new table. If the device had zone write plug resources, it could run into errors like bdev_zone_is_seq() reading invalid memory because disk->conv_zones_bitmap was the wrong size. If the device doesn't have any zone write plug resources, calling blk_revalidate_disk_zones() will always correctly update device. If blk_revalidate_disk_zones() fails, it can still overwrite or clear the current disk->nr_zones value. In this case, DM must restore the previous value of disk->nr_zones, so that the zoned settings will continue to match the previous value that it fell back to. If the device already has zone write plug resources, blk_revalidate_disk_zones() will not correctly update them, if it is called for arbitrary zoned device changes. Since there is not much need for this ability, the easiest solution is to disallow any table reloads that change the zoned settings, for devices that already have zone plug resources. Specifically, if a device already has zone plug resources allocated, it can only switch to another zoned table that also emulates zone append. Also, it cannot change the device size or the zone size. A device can switch to an error target.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-07-03
Last Modified
2025-11-20
Generated
2026-05-07
AI Q&A
2025-07-03
EPSS Evaluated
2026-05-05
NVD
CVE-2025-38140
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
linux linux_kernel From 5.15.160 (inc) to 5.16 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-NVD-CWE-noinfo
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability in the Linux kernel's device mapper (dm) relates to how it handles swapping tables for devices with zone write plugs. Specifically, when a device already has zone write plug resources, the function blk_revalidate_disk_zones() does not correctly update the zoned settings if called for arbitrary zoned device changes. This can cause mismatches in zone settings and errors such as reading invalid memory. The fix involves disallowing table reloads that change zoned settings for devices with zone plug resources, restricting changes to only switching to another zoned table that emulates zone append without changing device or zone size.


How can this vulnerability impact me? :

This vulnerability can cause errors in devices with zone write plug resources, such as reading invalid memory, which may lead to device malfunctions or data corruption. It affects the reliability and correctness of zoned block device operations, potentially impacting system stability and data integrity when using such devices.


What immediate steps should I take to mitigate this vulnerability?

To mitigate this vulnerability, avoid reloading device-mapper tables that change zoned settings on devices with zone write plug resources. Specifically, ensure that devices with zone write plug resources only switch to another zoned table that also emulates zone append, and do not change the device size or zone size. Alternatively, a device can switch to an error target. These steps prevent incorrect updates to zone write plug resources and avoid errors related to invalid memory reads.


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart