Wiz
Vulnerability DatabaseCVE-2025-38620

CVE-2025-38620
Linux Ubuntu vulnerability analysis and mitigation

Overview

A use-after-free vulnerability was discovered in the Linux kernel's zloop (zoned loop device) implementation. The vulnerability was identified on August 22, 2025, and affects the kernel's memory management when handling zloop devices. The issue occurs in the zloopctlremove() function which incorrectly handles memory deallocation sequence (Ubuntu Security).

Technical details

The vulnerability stems from a race condition in the zloopctlremove() function. Specifically, the function calls putdisk(), which invokes zloopfreedisk(). The zloopfreedisk() function frees the memory allocated for the zlo pointer. However, after this deallocation, zloopctlremove() attempts to access the freed memory by calling blkmqfreetagset(&zlo->tagset), resulting in a KASAN use-after-free detection (Ubuntu Security).

Impact

When triggered, this vulnerability can lead to kernel memory corruption due to the use-after-free condition. The issue is particularly concerning as it affects the kernel's block layer functionality and could potentially be exploited to cause system instability or privilege escalation (Ubuntu Security).

Mitigation and workarounds

The fix involves restructuring the deallocation sequence by moving the blkmqfreetagset(&zlo->tagset) call from zloopctlremove() into zloopfreedisk(). This ensures that the tagset is freed before the call to kvfree(zlo), preventing the use-after-free condition (Ubuntu Security).

Additional resources

SourceThis report was generated using AI

Related Linux Ubuntu vulnerabilities:

CVE ID

Severity

Score

Technologies

Component name

CISA KEV exploit

Has fix

Published date

CVE-2025-62408MEDIUM5.9
  • Linux DebianLinux Debian
  • c-ares
NoNoDec 08, 2025
CVE-2023-53769N/AN/A
  • Linux KernelLinux Kernel
  • kernel-modules-internal
NoYesDec 08, 2025
CVE-2023-53768N/AN/A
  • Linux DebianLinux Debian
  • linux
NoYesDec 08, 2025
CVE-2023-53767N/AN/A
  • Linux KernelLinux Kernel
  • libperf
NoYesDec 08, 2025
CVE-2023-53766N/AN/A
  • Linux DebianLinux Debian
  • linux-fips
NoYesDec 08, 2025

Free Vulnerability Assessment

Benchmark your Cloud Security Posture

Evaluate your cloud security practices across 9 security domains to benchmark your risk level and identify gaps in your defenses.

Request assessment

Additional Wiz resources

Cloud Vulnerability DB

Cloud Vulnerability DB

A community-led vulnerabilities database

Cloud Threat Landscape

Cloud Threat Landscape

A threat intelligence database

PEACH

PEACH

A tenant isolation framework

Get a personalized demo

Ready to see Wiz in action?

"Best User Experience I have ever seen, provides full visibility to cloud workloads."
David EstlickCISO
"Wiz provides a single pane of glass to see what is going on in our cloud environments."
Adam FletcherChief Security Officer
"We know that if Wiz identifies something as critical, it actually is."
Greg PoniatowskiHead of Threat and Vulnerability Management
Get a demo