Back to search
CVE-2025-38653
Published: Aug 22, 2025
Modified: May 11, 2026
PUBLISHED
Description
In the Linux kernel, the following vulnerability has been resolved: proc: use the same treatment to check proc_lseek as ones for proc_read_iter et.al Check pde->proc_ops->proc_lseek directly may cause UAF in rmmod scenario. It's a gap in proc_reg_open() after commit 654b33ada4ab("proc: fix UAF in proc_get_inode()"). Followed by AI Viro's suggestion, fix it in same manner.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected 3f61631d47f115b83c935d0039f95cb68b0c8ab7 - < c35b0feb80b48720dfbbf4e33759c7be3faaebb6affected 3f61631d47f115b83c935d0039f95cb68b0c8ab7 - < 33c778ea0bd0fa62ff590497e72562ff90f82b13affected 3f61631d47f115b83c935d0039f95cb68b0c8ab7 - < fc1072d934f687e1221d685cf1a49a5068318f34affected 3f61631d47f115b83c935d0039f95cb68b0c8ab7 - < d136502e04d8853a9aecb335d07bbefd7a1519a8affected 3f61631d47f115b83c935d0039f95cb68b0c8ab7 - < 1fccbfbae1dd36198dc47feac696563244ad81d3+1 more versions |
Linux | Linux | affected 6.0unaffected 0 - < 6.0unaffected 6.1.148 - <= 6.1.*unaffected 6.6.102 - <= 6.6.*unaffected 6.12.42 - <= 6.12.*+3 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now