CVE-2025-38346

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified)

Description: A use-after-free (UAF) vulnerability exists in the Linux kernel related to ftrace and kallsyms. The issue occurs when a module triggers ftrace to disable, and then is removed. Specifically, when a module is removed, ftrace release mod() is called. If ftrace disable is set, this function returns without releasing associated resources. Subsequently, accessing kallsyms can lead to a UAF condition as it attempts to access freed module memory via functions like strscpy(), where the module pointer (mod) is no longer valid. This can happen when tracing init functions after a module has been loaded and then unloaded.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

DoS

Buffer Overflow

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119CWE-416

Related Identifiers

AZL-64914

BDU:2025-09917

CVE-2025-38346

DLA-4327-1

DLA-4328-1

DSA-5973-1

ECHO-B885-8BC6-DA15

MGASA-2025-0218

MGASA-2025-0219

OESA-2025-1869

OESA-2025-1870

OESA-2025-1871

OESA-2025-1872

OESA-2025-1873

OESA-2025-1874

USN-7774-1

USN-7774-2

USN-7774-3

USN-7774-4

USN-7774-5

USN-7775-1

USN-7775-2

USN-7775-3

USN-7776-1

USN-7833-1

USN-7833-2

USN-7833-3

USN-7833-4

USN-7834-1

USN-7856-1

USN-8028-1

USN-8028-2

USN-8028-3

USN-8028-4

USN-8028-5

USN-8028-6

USN-8028-7

USN-8028-8

USN-8031-1

USN-8031-2

USN-8031-3

USN-8052-1

USN-8052-2

USN-8074-1

USN-8074-2

USN-8126-1

Affected Products

Astra Linux

Debian

Linuxmint

Linux Kernel

Red Os

Ubuntu

CVE-2025-38346

Weakness Enumeration

Related Identifiers

Affected Products

References · 1449