CVE-2025-38176 binder: fix use-after-free in binderfs_evict_inode()

🗓️ 04 Jul 2025 10:39:57Reported by LinuxType

Fix for use-after-free vulnerability in binderfs_evict_inode resolved in Linux kernel update

Reporter	Title	Published	Views	Family All 80
AstraLinux	Astra Linux - уязвимость в linux-5.10	20 May 202605:53	–	astralinux
CNNVD	Linux kernel 安全漏洞	4 Jul 202500:00	–	cnnvd
CVE	CVE-2025-38176	4 Jul 202510:39	–	cve
Debian CVE	CVE-2025-38176	4 Jul 202510:39	–	debiancve
EUVD	EUVD-2025-20013	3 Oct 202520:07	–	euvd
NVD	CVE-2025-38176	4 Jul 202511:15	–	nvd
OpenVAS	Ubuntu: Security Advisory (USN-7769-1)	25 Sep 202500:00	–	openvas
OpenVAS	Ubuntu: Security Advisory (USN-7769-2)	25 Sep 202500:00	–	openvas
OpenVAS	Ubuntu: Security Advisory (USN-7769-3)	29 Sep 202500:00	–	openvas
OpenVAS	Ubuntu: Security Advisory (USN-7770-1)	25 Sep 202500:00	–	openvas

[
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "unaffected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "drivers/android/binder.c",
      "drivers/android/binder_internal.h",
      "drivers/android/binderfs.c"
    ],
    "versions": [
      {
        "version": "e77aff5528a183462714f750e45add6cc71e276a",
        "lessThan": "80ed8ab8efa0d18c03968a2321154f10e2d1a2e3",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "e77aff5528a183462714f750e45add6cc71e276a",
        "lessThan": "aea61a1a77613d4184d7ebe7c1d7cb606458b43b",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "e77aff5528a183462714f750e45add6cc71e276a",
        "lessThan": "8c0a559825281764061a127632e5ad273f0466ad",
        "status": "affected",
        "versionType": "git"
      }
    ]
  },
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "affected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "drivers/android/binder.c",
      "drivers/android/binder_internal.h",
      "drivers/android/binderfs.c"
    ],
    "versions": [
      {
        "version": "6.14",
        "status": "affected"
      },
      {
        "version": "0",
        "lessThan": "6.14",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.14.11",
        "lessThanOrEqual": "6.14.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.15.2",
        "lessThanOrEqual": "6.15.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.16",
        "lessThanOrEqual": "*",
        "status": "unaffected",
        "versionType": "original_commit_for_fix"
      }
    ]
  }
]

Source	Link
git	www.git.kernel.org/stable/c/80ed8ab8efa0d18c03968a2321154f10e2d1a2e3
git	www.git.kernel.org/stable/c/8c0a559825281764061a127632e5ad273f0466ad
git	www.git.kernel.org/stable/c/aea61a1a77613d4184d7ebe7c1d7cb606458b43b

11 May 2026 21:22Current

EPSS0.00052