DEBIAN-CVE-2025-38697

DEBIAN-CVE-2025-38697 PUBLISHED CVSS 7.800000190734863 HIGH

In the Linux kernel, the following vulnerability has been resolved: jfs: upper bound check of tree index in dbAllocAG When computing the tree index in dbAllocAG, we never check if we are out of bounds realative to the size of the stree. This could happen in a scenario where the filesystem metadata are corrupted.

Risk Scores

CVSS 3.1

7.800000190734863

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products

Vendor	Product	Versions
Debian:11	linux	5.10.84-1, 5.10.70-1, 5.10.70-1
Debian:14	linux	6.15-1, 6.12.41-1, 6.12.43-1
Debian:12	linux	6.1.38-4, 6.1.90-1, 6.1.85-1
Debian:13	linux	0, 6.12.38-1, 0
Debian:11	linux-6.1	6.1.112-1, 6.1.119-1, 6.1.128-1

Exploit Intelligence

4081.3.6.yml (github-poc)

Timeline

Sep 4, 2025 CVE Published
Apr 28, 2026 CVE Updated

References

https://security-tracker.debian.org/tracker/CVE-2025-38697 advisory

Open in Interactive Console →