CVE-2025-38499

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://git.kernel.org/stable/c/38628ae06e2a37770cd794802a3f1310cf9846e3", "name": "https://git.kernel.org/stable/c/38628ae06e2a37770cd794802a3f1310cf9846e3", "tags": [], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/c28f922c9dcee0e4876a2c095939d77fe7e15116", "name": "https://git.kernel.org/stable/c/c28f922c9dcee0e4876a2c095939d77fe7e15116", "tags": [], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/d717325b5ecf2a40daca85c61923e17f32306179", "name": "https://git.kernel.org/stable/c/d717325b5ecf2a40daca85c61923e17f32306179", "tags": [], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/dc6a664089f10eab0fb36b6e4f705022210191d2", "name": "https://git.kernel.org/stable/c/dc6a664089f10eab0fb36b6e4f705022210191d2", "tags": [], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/e77078e52fbf018ab986efb3c79065ab35025607", "name": "https://git.kernel.org/stable/c/e77078e52fbf018ab986efb3c79065ab35025607", "tags": [], "refsource": ""}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nclone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns\n\nWhat we want is to verify there is that clone won't expose something\nhidden by a mount we wouldn't be able to undo. \"Wouldn't be able to undo\"\nmay be a result of MNT_LOCKED on a child, but it may also come from\nlacking admin rights in the userns of the namespace mount belongs to.\n\nclone_private_mnt() checks the former, but not the latter.\n\nThere's a number of rather confusing CAP_SYS_ADMIN checks in various\nuserns during the mount, especially with the new mount API; they serve\ndifferent purposes and in case of clone_private_mnt() they usually,\nbut not always end up covering the missing check mentioned above."}]}, "problemtype": {"problemtype_data": [{"description": []}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2025-38499", "ASSIGNER": "cve@kernel.org"}}, "impact": {}, "publishedDate": "2025-08-11T16:15Z", "configurations": {"nodes": [], "CVE_data_version": "4.0"}, "lastModifiedDate": "2025-08-11T18:32Z"}