Linux Kernel spufs Directory Handling Vulnerability

Vulnerability

A vulnerability in the Linux kernel's spufs (pseudo-filesystem) module has been addressed. The issue arose in the spufs_new_file() function, which is called by spufs_fill_dir(). When spufs_new_file() fails, the spufs_rmdir() function is invoked to clean up by removing any files that were created. However, this process does not properly handle the directory entry for the failed operation, leaving it in a negative state. The vulnerability required an explicit drop of the problematic directory entry to resolve the issue.

Impact

The vulnerability could lead to a resource leak by leaving a negative directory entry that is not properly cleaned up after a failure in the spufs_new_file() function.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel spufs Directory Handling Vulnerability

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating