PT-2025-28873 · Linux+5 · Linux Kernel+5

Syzbot

·

Published

2025-06-24

·

Updated

2026-05-26

·

CVE-2025-38245

CVSS v3.1

7.8

High

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified)
Description: A flaw was discovered in the Linux kernel related to the handling of the atm dev mutex within the ATM (Asynchronous Transfer Mode) subsystem. Specifically, the mutex was not being released promptly after removing procfs entries during device deregistration, creating a race condition. This could lead to a system splat (kernel panic) if a new device was registered while the procfs entries were still being removed. The issue stemmed from holding the mutex until procfs/sysfs were removed in atm dev deregister().
Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Weakness Enumeration

CWE-682

Related Identifiers

AZL-64850
AZL-72784
BDU:2025-08803
CVE-2025-38245
DLA-4327-1
DLA-4328-1
DSA-5973-1
ECHO-2BF2-1FB0-87A1
MGASA-2025-0218
MGASA-2025-0219
OPENSUSE-SU-2025:20081-1
SUSE-SU-2025:03204-1
SUSE-SU-2025:03272-1
SUSE-SU-2025:03290-1
SUSE-SU-2025:03301-1
SUSE-SU-2025:03382-1
SUSE-SU-2025:03602-1
SUSE-SU-2025:03633-1
SUSE-SU-2025:03634-1
SUSE-SU-2025:20653-1
SUSE-SU-2025:20669-1
SUSE-SU-2025:20739-1
SUSE-SU-2025:20756-1
SUSE-SU-2025:21074-1
SUSE-SU-2025:21139-1
SUSE-SU-2025:21179-1
SUSE-SU-2025_03204-1
SUSE-SU-2025_03272-1
SUSE-SU-2025_03290-1
SUSE-SU-2025_03301-1
SUSE-SU-2025_03382-1
USN-7774-1
USN-7774-2
USN-7774-3
USN-7774-4
USN-7774-5
USN-7775-1
USN-7775-2
USN-7775-3
USN-7776-1
USN-7833-1
USN-7833-2
USN-7833-3
USN-7833-4
USN-7834-1
USN-7856-1
USN-8028-1
USN-8028-2
USN-8028-3
USN-8028-4
USN-8028-5
USN-8028-6
USN-8028-7
USN-8028-8
USN-8031-1
USN-8031-2
USN-8031-3
USN-8052-1
USN-8052-2
USN-8074-1
USN-8074-2
USN-8126-1

Affected Products

Debian
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu