PT-2025-30792 · Linux+7 · Linux Kernel+7

Published

2025-05-23

·

Updated

2026-04-20

·

CVE-2025-38392

CVSS v2.0

6.0

Medium

VectorAV:L/AC:H/Au:S/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.15.0-rc5+
Description A flaw exists in the Linux kernel related to the idpf (Intel Data Plane Framework) driver. Specifically, a mutex used for the control queue (cq lock) can lead to a kernel BUG when VIRTCHNL2 CAP MACFILTER is enabled. This occurs due to a potential deadlock situation during DMA memory freeing, which may utilize vunmap(). The issue arises from the interaction between the mutex lock and spinlock operations within the idpf ctlq clean sq() function, triggered through a sequence of function calls initiated by rtnl newlink().
Recommendations Update to a version of the Linux kernel that includes the fix for this issue.

Exploit

Fix

Use After Free

Weakness Enumeration

CWE-416

Related Identifiers

ALSA-2025:15429
ALSA-2025:15782
ALSA-2025:15785
ALSA-2025:15786
BDU:2025-10786
CESA-2025_15785
CESA-2025_15786
CVE-2025-38392
INFSA-2025_15429
INFSA-2025_15785
INFSA-2025_15786
OPENSUSE-SU-2025:20081-1
RHSA-2025_15429
RHSA-2025_15785
RHSA-2025_15786
SUSE-SU-2025:02853-1
SUSE-SU-2025:02923-1
SUSE-SU-2025:02969-1
SUSE-SU-2025:02996-1
SUSE-SU-2025:02997-1
SUSE-SU-2025:03011-1
SUSE-SU-2025:03023-1
SUSE-SU-2025:20577-1
SUSE-SU-2025:20586-1
SUSE-SU-2025:20601-1
SUSE-SU-2025:20602-1
SUSE-SU-2025:21074-1
SUSE-SU-2025:21139-1
SUSE-SU-2025:21179-1
SUSE-SU-2025_02853-1
SUSE-SU-2025_02969-1
SUSE-SU-2025_02996-1
SUSE-SU-2025_02997-1
SUSE-SU-2025_03011-1
SUSE-SU-2025_03023-1
USN-7833-1
USN-7833-2
USN-7833-3
USN-7833-4
USN-7834-1
USN-7856-1
USN-8028-1
USN-8028-2
USN-8028-3
USN-8028-4
USN-8028-5
USN-8028-6
USN-8028-7
USN-8028-8
USN-8031-1
USN-8031-2
USN-8031-3
USN-8052-1
USN-8052-2
USN-8074-1
USN-8074-2
USN-8126-1

Affected Products

Almalinux
Centos
Intel Data Plane Framework
Linuxmint
Linux Kernel
Red Hat
Suse
Ubuntu