CVE-2025-38287
BaseFortify
Publication date: 2025-07-10
Last updated on: 2025-11-19
Assigner: kernel.org
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | From 5.15.160 (inc) to 5.16 (inc) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-NVD-CWE-noinfo | |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability in the Linux kernel involves the InfiniBand communication manager (IB/cm). Specifically, the send completion handler can execute after the communication identifier (cm_id) has moved on to another message. A recent change reused a function (cm_free_priv_msg()) that expects a lock to be held and checks that the message being freed matches the currently outstanding message. However, because the lock is not needed in this scenario and the cm_id may have advanced, this causes an assertion and warning, indicating improper handling of message freeing and locking.
How can this vulnerability impact me?
This vulnerability can lead to improper locking and message handling in the Linux kernel's InfiniBand communication manager, potentially causing warnings or assertion failures. This may affect system stability or reliability when handling network messages, possibly leading to unexpected behavior or crashes in systems using this kernel component.