CVE-2025-38617
BaseFortify
Publication date: 2025-08-22
Last updated on: 2026-03-18
Assigner: kernel.org
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | 6.1.153-1 |
| linux | linux_kernel | 5.10.244-1 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a race condition in the Linux kernel's packet_set_ring() and packet_notifier() functions. Specifically, when packet_set_ring() releases a lock (po->bind_lock), another thread can run packet_notifier() and process a NETDEV_UP event simultaneously. This can cause inconsistent or unexpected behavior because the critical section protected by the lock is temporarily released, allowing concurrent access. The fix involves temporarily setting po->num to zero to keep the socket unhooked until the lock is reacquired, preventing the race.
How can this vulnerability impact me? :
This race condition could lead to unpredictable behavior in network packet handling within the Linux kernel, potentially causing instability or incorrect processing of network events. While the exact impact depends on the system and usage, it may affect network reliability or security by allowing concurrent access to shared resources without proper synchronization.