CVE-2025-38065
📋 TL;DR
This CVE describes a file size truncation vulnerability in the Linux kernel's orangefs filesystem module. On 32-bit systems, files larger than 4GiB may be incorrectly truncated when accessed, potentially causing data corruption or loss. Systems using the orangefs filesystem on 32-bit Linux kernels are affected.
💻 Affected Systems
- Linux kernel with orangefs module
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
⚠️ Risk & Real-World Impact
Worst Case
Critical files larger than 4GiB become corrupted or inaccessible, leading to data loss, system instability, or service disruption.
Likely Case
Files exceeding 4GiB on 32-bit systems may be truncated during operations, causing partial data loss or application errors.
If Mitigated
Minimal impact if systems use 64-bit kernels or don't use orangefs filesystem.
🎯 Exploit Status
Exploitation requires local access and specific conditions (32-bit system, orangefs usage, large files)
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Patches available in stable kernel trees (commits provided in references)
Vendor Advisory: https://git.kernel.org/stable/c/062e8093592fb866b8e016641a8b27feb6ac509d
Restart Required: Yes
Instructions:
1. Update the Linux kernel to the patched version from your distribution vendor.
2. If compiling from source, rebuild the kernel with the referenced patches included.
3. Reboot the system to load the new kernel.
🔧 Temporary Workarounds
Disable orangefs module
Prevent loading of the vulnerable orangefs kernel module:
echo 'blacklist orangefs' >> /etc/modprobe.d/blacklist.conf
rmmod orangefs
Migrate to 64-bit kernel
Upgrade to a 64-bit Linux kernel, where the truncation does not occur.
🧯 If You Can't Patch
- Avoid storing files larger than 4GiB on orangefs filesystems
- Use alternative filesystems for large file storage
🔍 How to Verify
Check if Vulnerable:
Check if the orangefs module is loaded: lsmod | grep orangefs
Check the kernel architecture: uname -m
Check Version:
uname -r
Verify Fix Applied:
Verify kernel version includes patched commits or is newer than patched version
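The checks above as a small shell script (an added example, not part of the advisory): each check is a function that takes captured uname, lsmod or modprobe.d text, so it can be run against a live host or offline against saved output. The function names, the list of 32-bit machine strings and the sample lsmod output are assumptions and constructed data.

```shell
#!/bin/sh
# Added example (not from the advisory): turns the "How to Verify" checks for
# CVE-2025-38065 into functions that take uname/lsmod/modprobe.d text as input.

# arch_is_32bit MACHINE : succeeds when `uname -m` output names a 32-bit arch.
# The list is an assumption covering common 32-bit Linux machine strings.
arch_is_32bit() {
    case "$1" in
        i386|i486|i586|i686|armv6l|armv7l|armv7hl|ppc|mips|mipsel|sh4) return 0 ;;
        *) return 1 ;;
    esac
}

# orangefs_loaded LSMOD_TEXT : succeeds when orangefs is listed as a loaded module.
orangefs_loaded() {
    printf '%s\n' "$1" | grep -q '^orangefs[[:space:]]'
}

# orangefs_blocked MODPROBE_TEXT : succeeds when modprobe.d text contains a
# "blacklist orangefs" line or the stronger "install orangefs /bin/false|true".
orangefs_blocked() {
    printf '%s\n' "$1" | grep -Eq '^[[:space:]]*(blacklist[[:space:]]+orangefs|install[[:space:]]+orangefs[[:space:]]+/bin/(false|true))[[:space:]]*$'
}

# assess MACHINE LSMOD_TEXT : prints "exposed" (status 0) when both advisory
# preconditions hold, a 32-bit kernel with orangefs loaded, else "not-exposed".
assess() {
    if arch_is_32bit "$1" && orangefs_loaded "$2"; then
        echo exposed; return 0
    fi
    echo not-exposed; return 1
}

# Constructed sample lsmod output for offline use (not from a real host).
LSMOD_SAMPLE='Module                  Size  Used by
orangefs              172032  1
xfs                  1847296  2'

# Live check of this host when invoked with --live.
if [ "${1:-}" = "--live" ]; then
    assess "$(uname -m)" "$(lsmod 2>/dev/null)"
    orangefs_blocked "$(cat /etc/modprobe.d/*.conf 2>/dev/null)" \
        && echo "orangefs is blocked in modprobe.d"
fi
```

The script does not compare kernel versions, because the fixed version numbers are distribution-specific; compare `uname -r` against your vendor's advisory for the referenced commits.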
📡 Detection & Monitoring
Log Indicators:
- Kernel logs showing filesystem errors
- Application logs reporting truncated files or size mismatches
SIEM Query:
source="kernel" AND ("orangefs" OR "filesystem error")
🔗 References
- https://git.kernel.org/stable/c/062e8093592fb866b8e016641a8b27feb6ac509d
- https://git.kernel.org/stable/c/121f0335d91e46369bf55b5da4167d82b099a166
- https://git.kernel.org/stable/c/15602508ad2f923e228b9521960b4addcd27d9c4
- https://git.kernel.org/stable/c/2323b806221e6268a4e17711bc72e2fc87c191a3
- https://git.kernel.org/stable/c/341e3a5984cf5761f3dab16029d7e9fb1641d5ff
- https://git.kernel.org/stable/c/5111227d7f1f57f6804666b3abf780a23f44fc1d
- https://git.kernel.org/stable/c/cd918ec24168fe08c6aafc077dd3b6d88364c5cf
- https://git.kernel.org/stable/c/ceaf195ed285b77791e29016ee6344b3ded609b3
- https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html
- https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html