CVE-2025-38617

CVSS v3.1

4.7

Medium

Vector

AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified)

Description: A race condition exists in the packet set ring() and packet notifier() functions within the net/packet module. This occurs when packet set ring() releases po->bind lock, allowing another thread to execute packet notifier() and process an NETDEV UP event concurrently. This issue is similar to a previously resolved race condition addressed in commit 15fe076edea7. The fix involves temporarily setting po->num to zero to prevent socket unhooking until the lock is reacquired.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

LPE

DoS

Race Condition

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-366CWE-362

Related Identifiers

AZL-66608

AZL-73611

BDU:2025-15791

CVE-2025-38617

DLA-4327-1

DLA-4328-1

ECHO-FB4A-8B3A-D6A0

MGASA-2025-0234

MGASA-2025-0235

OPENSUSE-SU-2025:20081-1

SUSE-SU-2025:03204-1

SUSE-SU-2025:03272-1

SUSE-SU-2025:03283-1

SUSE-SU-2025:03290-1

SUSE-SU-2025:03301-1

SUSE-SU-2025:03310-1

SUSE-SU-2025:03314-1

SUSE-SU-2025:03344-1

SUSE-SU-2025:03382-1

SUSE-SU-2025:03383-1

SUSE-SU-2025:03384-1

SUSE-SU-2025:03602-1

SUSE-SU-2025:03633-1

SUSE-SU-2025:03634-1

SUSE-SU-2025:20653-1

SUSE-SU-2025:20669-1

SUSE-SU-2025:20739-1

SUSE-SU-2025:20756-1

SUSE-SU-2025:20939-1

SUSE-SU-2025:20940-1

SUSE-SU-2025:20942-1

SUSE-SU-2025:20943-1

SUSE-SU-2025:20944-1

SUSE-SU-2025:20945-1

SUSE-SU-2025:20946-1

SUSE-SU-2025:20947-1

SUSE-SU-2025:20950-1

SUSE-SU-2025:20951-1

SUSE-SU-2025:20952-1

SUSE-SU-2025:20953-1

SUSE-SU-2025:20955-1

SUSE-SU-2025:20956-1

SUSE-SU-2025:20957-1

SUSE-SU-2025:20959-1

SUSE-SU-2025:20960-1

SUSE-SU-2025:20973-1

SUSE-SU-2025:20974-1

SUSE-SU-2025:20975-1

SUSE-SU-2025:20977-1

SUSE-SU-2025:20978-1

SUSE-SU-2025:20980-1

SUSE-SU-2025:20981-1

SUSE-SU-2025:20982-1

SUSE-SU-2025:20983-1

SUSE-SU-2025:20984-1

SUSE-SU-2025:20985-1

SUSE-SU-2025:20987-1

SUSE-SU-2025:20988-1

SUSE-SU-2025:20989-1

SUSE-SU-2025:20991-1

SUSE-SU-2025:21074-1

SUSE-SU-2025:21139-1

SUSE-SU-2025:21179-1

SUSE-SU-2025:3878-1

SUSE-SU-2025:3880-1

SUSE-SU-2025:3886-1

SUSE-SU-2025:3892-1

SUSE-SU-2025:3927-1

SUSE-SU-2025:3932-1

SUSE-SU-2025:3935-1

SUSE-SU-2025:3936-1

SUSE-SU-2025:3983-1

SUSE-SU-2025:3995-1

SUSE-SU-2025:4000-1

SUSE-SU-2025:4001-1

SUSE-SU-2025:4016-1

SUSE-SU-2025:4024-1

SUSE-SU-2025:4031-1

SUSE-SU-2025:4036-1

SUSE-SU-2025:4040-1

SUSE-SU-2025:4043-1

SUSE-SU-2025:4046-1

SUSE-SU-2025:4050-1

SUSE-SU-2025:4056-1

SUSE-SU-2025:4058-1

SUSE-SU-2025:4059-1

SUSE-SU-2025:4062-1

SUSE-SU-2025:4064-1

SUSE-SU-2025:4078-1

SUSE-SU-2025:4123-1

SUSE-SU-2025:4315-1

SUSE-SU-2025_03204-1

SUSE-SU-2025_03272-1

SUSE-SU-2025_03290-1

SUSE-SU-2025_03301-1

SUSE-SU-2025_03310-1

SUSE-SU-2025_03314-1

SUSE-SU-2025_03344-1

SUSE-SU-2025_03382-1

SUSE-SU-2026:20149-1

SUSE-SU-2026:20164-1

SUSE-SU-2026:20169-1

USN-7791-1

USN-7791-2

USN-7791-3

USN-7791-4

USN-7792-1

USN-7792-2

USN-7792-3

USN-7793-1

USN-7793-2

USN-7793-3

USN-7793-4

USN-7793-5

USN-7795-1

USN-7795-2

USN-7795-3

USN-7795-4

USN-7795-5

USN-7796-1

USN-7796-2

USN-7796-3

USN-7796-4

USN-7797-1

USN-7797-2

USN-7797-3

USN-7798-1

USN-7799-1

USN-7800-1

USN-7801-1

USN-7801-2

USN-7801-3

USN-7808-1

USN-7808-2

USN-7809-1

USN-7810-1

USN-7810-2

USN-7810-3

USN-7811-1

USN-7819-1

USN-7819-2

USN-7820-1

USN-7821-1

USN-7854-1

USN-7865-1

USN-7875-1

USN-7933-1

Affected Products

Debian

Linuxmint

Linux Kernel

Red Os

Suse

Ubuntu

CVE-2025-38617

Weakness Enumeration

Related Identifiers

Affected Products

References · 2612