CVE-2025-38396
BaseFortify

Publication date: 2025-07-25

Last updated on: 2025-11-03

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved:

fs: export anon_inode_make_secure_inode() and fix secretmem LSM bypass

Export anon_inode_make_secure_inode() to allow KVM guest_memfd to create anonymous inodes with proper security context. This replaces the current pattern of calling alloc_anon_inode() followed by inode_init_security_anon() for creating security context manually.

This change also fixes a security regression in secretmem where the S_PRIVATE flag was not cleared after alloc_anon_inode(), causing LSM/SELinux checks to be bypassed for secretmem file descriptors.

As guest_memfd currently resides in the KVM module, we need to export this symbol for use outside the core kernel. In the future, guest_memfd might be moved to core-mm, at which point the symbols no longer would have to be exported. When/if that happens is still unclear.

Meta Information
Published: 2025-07-25
Last Modified: 2025-11-03
Generated: 2026-05-07
AI Q&A: 2025-07-25
EPSS Evaluated: 2026-05-05

Affected Vendors & Products
Showing 1 associated CPE
Vendor | Product | Version / Range
linux | linux_kernel | *

CWE ID: CWE-UNKNOWN

AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability is a security regression in the Linux kernel's secretmem subsystem: the S_PRIVATE flag was not cleared after alloc_anon_inode(), so LSM/SELinux security checks were bypassed for secretmem file descriptors, potentially weakening the kernel's security enforcement. The fix exports anon_inode_make_secure_inode(), which creates anonymous inodes with a proper security context and replaces the earlier pattern of calling alloc_anon_inode() followed by inode_init_security_anon() to set up the security context manually.


How can this vulnerability impact me?

The vulnerability could allow security checks enforced by Linux Security Modules (LSMs) such as SELinux to be bypassed for secretmem file descriptors. As a result, unauthorized access or actions might be possible on sensitive memory areas, potentially leading to privilege escalation or data leakage on systems running an affected Linux kernel.

