CVE-2025-38498 - Vulnerability Details

- do_change_type(): refuse to operate on unmounted/not ours mounts

Description

In the Linux kernel, the following vulnerability has been resolved:

do_change_type(): refuse to operate on unmounted/not ours mounts

Ensure that propagation settings can only be changed for mounts located
in the caller's mount namespace. This change aligns permission checking
with the rest of mount(2).

Published: 2025-07-30

Score: 5.5 Medium

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

Analysis and contextual insights are available on OpenCVE Cloud.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Linux

unaffected

Version	Status	Constraints
`07b20889e3052c7e77d6a6a54e7e83446eb1ba84`	affected	< 787937c4e373f1722c4343e5a5a4eb0f8543e589
`07b20889e3052c7e77d6a6a54e7e83446eb1ba84`	affected	< c7d11fdf8e5db5f34a6c062c7e6ba3a0971879d2
`07b20889e3052c7e77d6a6a54e7e83446eb1ba84`	affected	< 432a171d60056489270c462e651e6c3a13f855b1
`07b20889e3052c7e77d6a6a54e7e83446eb1ba84`	affected	< 064014f7812744451d5d0592f3d2bcd727f2ee93
`07b20889e3052c7e77d6a6a54e7e83446eb1ba84`	affected	< 4f091ad0862b02dc42a19a120b7048de848561f8
`07b20889e3052c7e77d6a6a54e7e83446eb1ba84`	affected	< 9c1ddfeb662b668fff69c5f1cfdd9f5d23d55d23
`07b20889e3052c7e77d6a6a54e7e83446eb1ba84`	affected	< 19554c79a2095ddde850906a067915c1ef3a4114
`07b20889e3052c7e77d6a6a54e7e83446eb1ba84`	affected	< 12f147ddd6de7382dad54812e65f3f08d05809fc

Linux

affected

Version	Status	Constraints
`2.6.15`	affected	—
`0`	unaffected	< 2.6.15
`5.4.295`	unaffected	≤ 5.4.*
`5.10.239`	unaffected	≤ 5.10.*
`5.15.186`	unaffected	≤ 5.15.*
`6.1.142`	unaffected	≤ 6.1.*
`6.6.94`	unaffected	≤ 6.6.*
`6.12.34`	unaffected	≤ 6.12.*
`6.15.3`	unaffected	≤ 6.15.*
`6.16`	unaffected	≤ *

Configuration 1 [-]

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::

Configuration 2 [-]

cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*

No data.

Vendor	Product	Confidence	Versions
Linux	Linux Kernel	—	—

Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .

Remediation

No vendor fix or workaround currently provided.

Additional remediation guidance may be available on OpenCVE Cloud.

Tracking

Sign in to view the affected projects.

Advisories

Source	ID	Title
Debian DLA	DLA-4327-1	linux security update
Debian DLA	DLA-4328-1	linux-6.1 security update
Debian DSA	DSA-5973-1	linux security update
EUVD	EUVD-2025-23147	In the Linux kernel, the following vulnerability has been resolved: do_change_type(): refuse to operate on unmounted/not ours mounts Ensure that propagation settings can only be changed for mounts located in the caller's mount namespace. This change aligns permission checking with the rest of mount(2).
Ubuntu USN	USN-7769-1	Linux kernel vulnerabilities
Ubuntu USN	USN-7769-2	Linux kernel (Real-time) vulnerabilities
Ubuntu USN	USN-7769-3	Linux kernel vulnerabilities
Ubuntu USN	USN-7770-1	Linux kernel (Azure) vulnerabilities
Ubuntu USN	USN-7771-1	Linux kernel (OEM) vulnerabilities
Ubuntu USN	USN-7774-1	Linux kernel vulnerabilities
Ubuntu USN	USN-7774-2	Linux kernel (FIPS) vulnerabilities
Ubuntu USN	USN-7774-3	Linux kernel (Real-time) vulnerabilities
Ubuntu USN	USN-7775-1	Linux kernel (Azure FIPS) vulnerabilities
Ubuntu USN	USN-7775-2	Linux kernel (Azure) vulnerabilities
Ubuntu USN	USN-7776-1	Linux kernel (Oracle) vulnerabilities
Ubuntu USN	USN-7775-3	Linux kernel (Azure) vulnerabilities
Ubuntu USN	USN-7774-4	Linux kernel (KVM) vulnerabilities
Ubuntu USN	USN-7789-1	Linux kernel (Oracle) vulnerabilities
Ubuntu USN	USN-7774-5	Linux kernel (NVIDIA Tegra IGX) vulnerabilities
Ubuntu USN	USN-7789-2	Linux kernel (Raspberry Pi) vulnerabilities

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00033.

Key SSVC decision points have not yet been added.

References

Link	Providers
https://cert-portal.siemens.com/productcert/html/ssa-082556.html
https://cert-portal.siemens.com/productcert/html/ssa-089022.html
https://git.kernel.org/stable/c/064014f7812744451d5d0592f3d2bcd727f2ee93
https://git.kernel.org/stable/c/12f147ddd6de7382dad54812e65f3f08d05809fc
https://git.kernel.org/stable/c/19554c79a2095ddde850906a067915c1ef3a4114
https://git.kernel.org/stable/c/432a171d60056489270c462e651e6c3a13f855b1
https://git.kernel.org/stable/c/4f091ad0862b02dc42a19a120b7048de848561f8
https://git.kernel.org/stable/c/787937c4e373f1722c4343e5a5a4eb0f8543e589
https://git.kernel.org/stable/c/9c1ddfeb662b668fff69c5f1cfdd9f5d23d55d23
https://git.kernel.org/stable/c/c7d11fdf8e5db5f34a6c062c7e6ba3a0971879d2
https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html
https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html
https://lore.kernel.org/linux-cve-announce/2025073029-CVE-2025-38498-e3ab@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2025-38498
https://www.cve.org/CVERecord?id=CVE-2025-38498

History

Tue, 12 May 2026 13:30:00 +0000

Type	Values Removed	Values Added
References		https://cert-portal.siemens.com/productcert/html/ssa-082556.html https://cert-portal.siemens.com/productcert/html/ssa-089022.html

Wed, 07 Jan 2026 16:30:00 +0000

Type	Values Removed	Values Added
First Time appeared		Debian Debian debian Linux
Weaknesses		NVD-CWE-noinfo
CPEs		cpe:2.3:o:debian:debian_linux:11.0:::::::* cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products		Debian Debian debian Linux
Metrics	cvssV3_1 `{'score': 7.0, 'vector': 'CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H'}`	cvssV3_1 `{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}`

Mon, 03 Nov 2025 18:30:00 +0000

Type	Values Removed	Values Added
References		https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html

Wed, 30 Jul 2025 15:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Linux Linux linux Kernel
Vendors & Products		Linux Linux linux Kernel

Wed, 30 Jul 2025 12:15:00 +0000

Type	Values Removed	Values Added
References		https://lore.kernel.org/linux-cve-announce/2025073029-CVE-2025-38498-e3ab@gregkh/T https://nvd.nist.gov/vuln/detail/CVE-2025-38498 https://www.cve.org/CVERecord?id=CVE-2025-38498
Metrics	threat_severity `None`	cvssV3_1 `{'score': 7.0, 'vector': 'CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H'}` threat_severity `Moderate`

Wed, 30 Jul 2025 06:15:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: do_change_type(): refuse to operate on unmounted/not ours mounts Ensure that propagation settings can only be changed for mounts located in the caller's mount namespace. This change aligns permission checking with the rest of mount(2).
Title		do_change_type(): refuse to operate on unmounted/not ours mounts
References		https://git.kernel.org/stable/c/064014f7812744451d5d0592f3d2bcd727f2ee93 https://git.kernel.org/stable/c/12f147ddd6de7382dad54812e65f3f08d05809fc https://git.kernel.org/stable/c/19554c79a2095ddde850906a067915c1ef3a4114 https://git.kernel.org/stable/c/432a171d60056489270c462e651e6c3a13f855b1 https://git.kernel.org/stable/c/4f091ad0862b02dc42a19a120b7048de848561f8 https://git.kernel.org/stable/c/787937c4e373f1722c4343e5a5a4eb0f8543e589 https://git.kernel.org/stable/c/9c1ddfeb662b668fff69c5f1cfdd9f5d23d55d23 https://git.kernel.org/stable/c/c7d11fdf8e5db5f34a6c062c7e6ba3a0971879d2

Subscriptions

Debian Debian Linux

Linux Linux Kernel

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2025-07-30T06:03:36.483Z

Updated: 2026-05-12T12:05:10.512Z

Reserved: 2025-04-16T04:51:24.022Z

Link: CVE-2025-38498

Vulnrichment

No data.

NVD

Status : Modified

Published: 2025-07-30T06:15:27.527

Modified: 2026-05-12T13:16:51.410

Link: CVE-2025-38498

Redhat

Severity : Moderate

Publid Date: 2025-07-30T00:00:00Z

Links: CVE-2025-38498 - Bugzilla

OpenCVE Enrichment

Updated: 2025-07-30T15:04:12Z

Weaknesses

NVD-CWE-noinfo

Tracking

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object