DEBIAN-CVE-2025-22073

DEBIAN-CVE-2025-22073 PUBLISHED CVSS 5.5 MEDIUM

In the Linux kernel, the following vulnerability has been resolved: spufs: fix a leak on spufs_new_file() failure It's called from spufs_fill_dir(), and caller of that will do spufs_rmdir() in case of failure. That does remove everything we'd managed to create, but... the problem dentry is still negative. IOW, it needs to be explicitly dropped.

Risk Scores

CVSS v3.1

5.5

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected Products

Vendor	Product	Versions
Debian:11	linux	6.12.21-1, 6.19, 6.19
Debian:13	linux	0, 0
Debian:14	linux	0, 0
Debian:12	linux	6.1.115-1, 6.1.123-1, 6.1.124-1
Debian:11	linux-6.1	6.1.129-1, 0, 6.1.106-3~deb11u1

Timeline

Apr 16, 2025 CVE Published
Apr 28, 2026 CVE Updated

References

https://security-tracker.debian.org/tracker/CVE-2025-22073 advisory

Open in Interactive Console →