CVE-2025-38003
Published: Jun 8, 2025
Modified: May 23, 2026
Description
In the Linux kernel, the following vulnerability has been resolved:

can: bcm: add missing rcu read protection for procfs content

When the procfs content is generated for a bcm_op which is in the process to be removed, the procfs output might show unreliable data (UAF). As the removal of bcm_op's is already implemented with rcu handling this patch adds the missing rcu_read_lock() and makes sure the list entries are properly removed under rcu protection.

| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux | affected 5b48f5711f1c630841ab78dcc061de902f0e37bf - < 19f553a1ddf260da6570ed8f8d91a8c87f49b63a; affected 85cd41070df992d3c0dfd828866fdd243d3b774a - < 659701c0b954ccdb4a916a4ad59bbc16e726d42c; affected f34f2a18e47b73e48f90a757e1f4aaa8c7d665a1 - < 0622846db728a5332b917c797c733e202c4620ae; affected f1b4e32aca0811aa011c76e5d6cf2fa19224b386 - < 6d7d458c41b98a5c1670cbd36f2923c37de51cf5; affected f1b4e32aca0811aa011c76e5d6cf2fa19224b386 - < 1f912f8484e9c4396378c39460bbea0af681f319; +10 more versions |
| Linux | Linux | affected 5.19; unaffected 0 - < 5.19; unaffected 5.4.294 - <= 5.4.*; unaffected 5.10.238 - <= 5.10.*; unaffected 5.15.185 - <= 5.15.*; +5 more versions |