CVE-2025-38204
📋 TL;DR
This CVE describes an out-of-bounds read vulnerability in the JFS filesystem implementation in the Linux kernel. An attacker could potentially read kernel memory beyond intended boundaries, which could lead to information disclosure or system crashes. This affects Linux systems using the JFS filesystem.
💻 Affected Systems
- Linux kernel with JFS filesystem support
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
⚠️ Risk & Real-World Impact
Worst Case
Kernel memory disclosure leading to privilege escalation or system crash/DoS
Likely Case
System crash or denial of service when reading directories on JFS filesystems
If Mitigated
Error handling prevents exploitation but may cause service disruption
🎯 Exploit Status
Requires local access and ability to trigger directory operations on JFS
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Kernel versions containing commit 44618bee303bed151ef3a525ff79fbd7689593b5 or later
Vendor Advisory: https://git.kernel.org/stable/c/44618bee303bed151ef3a525ff79fbd7689593b5
Restart Required: Yes
Instructions:
1. Update Linux kernel to patched version from your distribution.
2. Reboot system to load new kernel.
🔧 Temporary Workarounds
Disable JFS filesystem
Prevent loading of the JFS kernel module to eliminate the attack surface
echo 'install jfs /bin/false' >> /etc/modprobe.d/disable-jfs.conf
rmmod jfs 2>/dev/null || true
Avoid JFS usage
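Do not mount or use JFS filesystems
umount /dev/[jfs-partition] 2>/dev/null || true
# Keep a backup; remove only non-comment entries where jfs is a whole field (the filesystem type)
sed -i.bak -E '/^[^#]*[[:space:]]jfs[[:space:]]/d' /etc/fstab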
🧯 If You Can't Patch
- Restrict local user access to systems with JFS filesystems
- Implement strict access controls on directories using JFS
🔍 How to Verify
Check if Vulnerable:
Check if JFS module is loaded: lsmod | grep jfs. If loaded, check kernel version against distribution advisories.
Check Version:
uname -r
Verify Fix Applied:
Verify kernel version after update and ensure JFS module functions without errors during directory operations.
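An added example (not from the advisory or the kernel project) that extends the check above: `lsmod` only lists loadable modules, so this reads `/proc/filesystems`, which also shows a built-in JFS driver, and reports whether JFS is mounted, registered, blocked by the `install jfs /bin/false` override, or unblocked. The function names and status strings are hypothetical; the file paths are parameters so the logic can also be run against sample files.

```shell
#!/bin/sh
# Added example: report how exposed this host is to JFS code paths.
# Function names and status strings are illustrative, not from the advisory.

# Succeeds if a jfs driver is registered with the kernel (module or built-in).
# $1: file in /proc/filesystems format (last field is the filesystem name).
jfs_registered() {
    awk '$NF == "jfs" { f = 1 } END { exit !f }' "${1:-/proc/filesystems}"
}

# Prints the mount point of every mounted JFS filesystem.
# $1: file in /proc/mounts format (third field is the filesystem type).
jfs_mounts() {
    awk '$3 == "jfs" { print $2 }' "${1:-/proc/mounts}"
}

# Succeeds if a modprobe.d file carries the install override from the
# workaround above (install jfs /bin/false, or the /bin/true variant).
# $1: modprobe configuration directory.
jfs_blocked() {
    grep -Eqs '^[[:space:]]*install[[:space:]]+jfs[[:space:]]+/bin/(false|true)' \
        "${1:-/etc/modprobe.d}"/*.conf
}

# Prints one status word:
#   in-use      at least one JFS filesystem is mounted
#   registered  driver present in the running kernel, nothing mounted
#   blocked     driver absent and module loading is overridden
#   unblocked   driver absent, but nothing prevents loading it
# $1, $2, $3: filesystems file, mounts file, modprobe.d directory.
jfs_exposure() {
    if [ -n "$(jfs_mounts "${2:-/proc/mounts}")" ]; then
        echo in-use
    elif jfs_registered "${1:-/proc/filesystems}"; then
        echo registered
    elif jfs_blocked "${3:-/etc/modprobe.d}"; then
        echo blocked
    else
        echo unblocked
    fi
}

# With no arguments this inspects the live system.
jfs_exposure "$@"
```

Hosts reporting `in-use` or `registered` are the ones to compare against the distribution advisory for the running kernel from `uname -r`.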
📡 Detection & Monitoring
Log Indicators:
- Kernel oops messages
- JFS error messages in dmesg
- System crashes during directory operations
Network Indicators:
- None - local vulnerability
SIEM Query:
source="kernel" AND ("jfs" OR "add_missing_indices" OR "array-index-out-of-bounds")
🔗 References
- https://git.kernel.org/stable/c/44618bee303bed151ef3a525ff79fbd7689593b5
- https://git.kernel.org/stable/c/5dff41a86377563f7a2b968aae00d25b4ceb37c9
- https://git.kernel.org/stable/c/81af4b34fd72d390d7f237c6a545cc6d09707956
- https://git.kernel.org/stable/c/bfa4655d28f338e68d345aed80d19be7999bbce2
- https://git.kernel.org/stable/c/c8399564a58fb6ea2ff21a6fd278417943cb51a5
- https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html