PT-2025-33812 · Linux+8 · Linux Kernel+8

Published

2025-08-19

·

Updated

2026-04-20

·

CVE-2025-38614

CVSS v3.1

5.5

Medium

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified)
Description: The Linux kernel contains a flaw within the eventpoll subsystem that could allow for semi-unbounded recursion. The issue stems from insufficient depth checks when creating graph edges between epoll instances. Current checks prevent deep recursion during loop detection but do not limit the overall depth of the resulting tree. This allows for potential recursion depths of at least 500, potentially impacting system stability.
Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

DoS

Uncontrolled Recursion

Weakness Enumeration

CWE-674

Related Identifiers

ALSA-2025:17760
ALSA-2025:18318
AZL-66533
AZL-73878
BDU:2025-15552
CVE-2025-38614
DLA-4328-1
DSA-6009-1
ECHO-186A-E109-A134
INFSA-2025_17760
OPENSUSE-SU-2025:20081-1
RHSA-2025:17760
RHSA-2025:18318
RHSA-2025:19104
RHSA-2025:21051
RHSA-2025:21128
RHSA-2025:21463
RHSA-2025_17760
SUSE-SU-2025:03600-1
SUSE-SU-2025:03601-1
SUSE-SU-2025:03602-1
SUSE-SU-2025:03633-1
SUSE-SU-2025:03634-1
SUSE-SU-2025:20851-1
SUSE-SU-2025:20861-1
SUSE-SU-2025:20870-1
SUSE-SU-2025:20898-1
SUSE-SU-2025:21074-1
SUSE-SU-2025:21139-1
SUSE-SU-2025:21179-1
SUSE-SU-2025:3725-1
SUSE-SU-2025:3751-1
USN-7909-1
USN-7909-2
USN-7909-3
USN-7909-4
USN-7909-5
USN-7910-1
USN-7910-2
USN-7933-1
USN-7938-1
USN-8028-1
USN-8028-2
USN-8028-3
USN-8028-4
USN-8028-5
USN-8028-6
USN-8028-7
USN-8028-8
USN-8031-1
USN-8031-2
USN-8031-3
USN-8052-1
USN-8052-2
USN-8074-1
USN-8074-2
USN-8126-1

Affected Products

Almalinux
Debian
Linuxmint
Linux Kernel
Red Hat
Red Os
Rocky Linux
Suse
Ubuntu