Linux Kernel exFAT Shutdown Check Vulnerability

Vulnerability

A vulnerability in the Linux kernel's exFAT file system implementation has been addressed. The issue arose because the 'read_iter' function lacked a proper shutdown check, allowing files to be read without error after the associated device was deleted, even if it still contained dirty data. This vulnerability affected several I/O operations, including 'write_iter', 'splice_read', and 'mmap', all of which also missed necessary shutdown checks. The recent commit rectifies this by adding the appropriate shutdown checks to these functions.

Impact

The vulnerability could lead to data consistency issues, allowing for the reading of files that should have been inaccessible after the corresponding device was removed.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

0.6

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

0.6

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel exFAT Shutdown Check Vulnerability

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating