PT-2025-35960 · Linux+5 · Linux Kernel+5

Syzbot · Published 2025-07-22 · Updated 2026-04-20 · CVE-2025-38687

CVSS v3.1: 4.7 (Medium)

Vector: AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

Linux kernel (affected versions not specified)

Description

The Linux kernel contains a use-after-free flaw within the comedi subsystem. This issue occurs due to the removal of allocated asynchronous areas while poll requests are still active, potentially leading to a use-after-free when poll entries are triggered or removed. The vulnerability is addressed by ensuring that no tasks are queued on subdevice wait queues before allowing device detachment via the COMEDI_DEVCONFIG ioctl. The comedi_device_detach() function was refactored into comedi_device_detach_locked() to ensure proper locking during the detachment process.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Use After Free

Race Condition

Weakness Enumeration

Related Identifiers

AZL-66860
BDU:2025-15187
CVE-2025-38687
DLA-4327-1
DLA-4328-1
DSA-6009-1
ECHO-E9A0-9A51-1582
MGASA-2025-0234
MGASA-2025-0235
OESA-2025-2268
OESA-2025-2269
OESA-2025-2270
OPENSUSE-SU-2025:20081-1
SUSE-SU-2025:03600-1
SUSE-SU-2025:03634-1
SUSE-SU-2025:20851-1
SUSE-SU-2025:20861-1
SUSE-SU-2025:20870-1
SUSE-SU-2025:20898-1
SUSE-SU-2025:21074-1
SUSE-SU-2025:21139-1
SUSE-SU-2025:21179-1
SUSE-SU-2025:3751-1
SUSE-SU-2025:4057-1
SUSE-SU-2025:4132-1
SUSE-SU-2025:4141-1
USN-7909-1
USN-7909-2
USN-7909-3
USN-7909-4
USN-7909-5
USN-7910-1
USN-7910-2
USN-7933-1
USN-7938-1
USN-8028-1
USN-8028-2
USN-8028-3
USN-8028-4
USN-8028-5
USN-8028-6
USN-8028-7
USN-8028-8
USN-8031-1
USN-8031-2
USN-8031-3
USN-8052-1
USN-8052-2
USN-8074-1
USN-8074-2
USN-8126-1

Affected Products

Debian
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu