CVE-2025-38172: 
Linux Kernel vulnerability analysis and mitigation

A vulnerability was discovered in the Linux kernel's erofs (Enhanced Read-Only File System) implementation, identified as CVE-2025-38172. The issue was disclosed on July 3, 2025, and affects the handling of multiple devices with different types. The vulnerability exists in the way erofs handles file-backed devices and block devices when used together (NVD, CVE).

The vulnerability occurs when the primary device is a block device while the extra device is a file-backed device. In this scenario, erofsinitdevice returns ENOTBLK, which is not properly handled as an error in erofsfcgettree. This leads to a Use-After-Free (UAF) vulnerability in the following sequence: erofsfcgettree calls gettreebdevflags(erofsfcfillsuper), followed by erofsreadsuperblock and erofsinitdevice. When sbi->dif0 is not initialized and returns -ENOTBLK, deactivatelockedsuper frees sbi, but the code continues to access it through sbi->dif0.file = filp_open(), resulting in the UAF condition (NVD).

The vulnerability could lead to a Use-After-Free condition in the Linux kernel, which typically can result in system crashes, privilege escalation, or arbitrary code execution. This poses a significant risk to system stability and security (NVD).

The vulnerability has been resolved by converting the -ENOTBLK error to -EINVAL when detected in erofsinitdevice. This ensures proper error handling when the primary device is a block device and the extra device is not a block device (NVD).