PT-2025-24353 · Linux+6 · Linux Kernel+6

Published

2025-05-19

·

Updated

2026-05-26

·

CVE-2025-38003

CVSS v2.0

5.7

Medium

VectorAV:L/AC:L/Au:S/C:P/I:P/A:C
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description A vulnerability in the Linux kernel has been resolved. The issue is related to the generation of procfs content for a bcm op that is in the process of being removed, which might show unreliable data due to a use-after-free (UAF) condition. The removal of bcm op's is already implemented with rcu handling, and this patch adds the missing rcu read lock() to ensure list entries are properly removed under rcu protection.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Use After Free

Weakness Enumeration

CWE-416

Related Identifiers

AZL-63699
BDU:2025-12065
CVE-2025-38003
DLA-4327-1
DLA-4328-1
DSA-5973-1
ECHO-EAE6-E1D7-111D
OESA-2025-2120
OESA-2025-2121
OESA-2025-2122
SUSE-SU-2025:02249-1
SUSE-SU-2025:02254-1
SUSE-SU-2025:02307-1
SUSE-SU-2025:02333-1
SUSE-SU-2025:02335-1
SUSE-SU-2025:02538-1
SUSE-SU-2025:02923-1
SUSE-SU-2025:20475-1
SUSE-SU-2025:20483-1
SUSE-SU-2025:20493-1
SUSE-SU-2025:20498-1
SUSE-SU-2025_02249-1
SUSE-SU-2025_02254-1
SUSE-SU-2025_02307-1
SUSE-SU-2025_02333-1
SUSE-SU-2025_02335-1
SUSE-SU-2025_02538-1
USN-7704-1
USN-7704-2
USN-7704-3
USN-7704-4
USN-7704-5
USN-7711-1
USN-7712-1
USN-7712-2
USN-7769-1
USN-7769-2
USN-7769-3
USN-7770-1
USN-7771-1
USN-7789-1
USN-7789-2
USN-8028-1
USN-8028-2
USN-8028-3
USN-8028-4
USN-8028-5
USN-8028-6
USN-8028-7
USN-8028-8
USN-8031-1
USN-8031-2
USN-8031-3
USN-8052-1
USN-8052-2
USN-8074-1
USN-8074-2
USN-8126-1

Affected Products

Astra Linux
Debian
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu