PT-2025-25789 · Linux+5 · Linux Kernel+5

Published

2025-04-04

·

Updated

2026-05-26

·

CVE-2025-38014

CVSS v3.1

5.5

Medium

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description A vulnerability in the Linux kernel has been resolved. The issue concerned the dmaengine and specifically the idxd component. The idxd cleanup() helper function was used to refactor the remove call, which helps in cleaning up perfmon, interrupts, internals, and more. This change also fixes the missing put device() call for idxd groups, engines, and wqs.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

RCE

Weakness Enumeration

CWE-20

Related Identifiers

BDU:2025-09041
CVE-2025-38014
ECHO-2D82-C512-B36D
OESA-2026-2417
OESA-2026-2418
SUSE-SU-2025:02249-1
SUSE-SU-2025:02254-1
SUSE-SU-2025:02264-1
SUSE-SU-2025:02307-1
SUSE-SU-2025:02321-1
SUSE-SU-2025:02322-1
SUSE-SU-2025:02333-1
SUSE-SU-2025:02335-1
SUSE-SU-2025:02537-1
SUSE-SU-2025:02538-1
SUSE-SU-2025:02923-1
SUSE-SU-2025:03615-1
SUSE-SU-2025:03628-1
SUSE-SU-2025:20475-1
SUSE-SU-2025:20483-1
SUSE-SU-2025:20493-1
SUSE-SU-2025:20498-1
SUSE-SU-2025:2264-1
SUSE-SU-2025:3761-1
SUSE-SU-2025_02249-1
SUSE-SU-2025_02254-1
SUSE-SU-2025_02264-1
SUSE-SU-2025_02307-1
SUSE-SU-2025_02333-1
SUSE-SU-2025_02335-1
SUSE-SU-2025_02537-1
SUSE-SU-2025_02538-1
USN-7699-1
USN-7699-2
USN-7721-1
USN-8028-1
USN-8028-2
USN-8028-3
USN-8028-4
USN-8028-5
USN-8028-6
USN-8028-7
USN-8028-8
USN-8031-1
USN-8031-2
USN-8031-3
USN-8052-1
USN-8052-2
USN-8074-1
USN-8074-2
USN-8126-1

Affected Products

Astra Linux
Debian
Linuxmint
Linux Kernel
Suse
Ubuntu