PT-2025-25812 · Linux+5 · Linux Kernel+5

Published: 2025-02-04 · Updated: 2026-04-20 · CVE-2025-38037

CVSS v3.1: 5.5 (Medium)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

Linux kernel versions prior to the fixed version

Description

The issue is related to data races in the vxlan module of the Linux kernel. Specifically, the used and updated fields in the FDB entry structure can be accessed concurrently by multiple threads, leading to potential data corruption. This can be reproduced using a specific script. The problem is resolved by annotating these accesses using READ_ONCE() / WRITE_ONCE().

Recommendations

For Linux kernel versions prior to the fixed version, consider applying the patch that annotates the used and updated fields in the FDB entry structure using READ_ONCE() / WRITE_ONCE(). As a temporary workaround, consider restricting concurrent access to the vxlan module to minimize the risk of data corruption.

Exploit

Fix

Time Of Check To Time Of Use

Race Condition

Weakness Enumeration

Related Identifiers

AZL-64022
BDU:2025-08789
CVE-2025-38037
DLA-4327-1
DLA-4328-1
DSA-5973-1
ECHO-2E01-D24C-1E56
USN-7704-1
USN-7704-2
USN-7704-3
USN-7704-4
USN-7704-5
USN-7711-1
USN-7712-1
USN-7712-2
USN-7769-1
USN-7769-2
USN-7769-3
USN-7770-1
USN-7771-1
USN-7789-1
USN-7789-2
USN-8028-1
USN-8028-2
USN-8028-3
USN-8028-4
USN-8028-5
USN-8028-6
USN-8028-7
USN-8028-8
USN-8031-1
USN-8031-2
USN-8031-3
USN-8052-1
USN-8052-2
USN-8074-1
USN-8074-2
USN-8126-1

Affected Products

Astra Linux
Debian
Linuxmint
Linux Kernel
Red Os
Ubuntu