CVE-2025-38717

Published: Sep 4, 2025

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: net: kcm: Fix race condition in kcm_unattach() syzbot found a race condition when kcm_unattach(psock) and kcm_release(kcm) are executed at the same time. kcm_unattach() is missing a check of the flag kcm->tx_stopped before calling queue_work(). If the kcm has a reserved psock, kcm_unattach() might get executed between cancel_work_sync() and unreserve_psock() in kcm_release(), requeuing kcm->tx_work right before kcm gets freed in kcm_done(). Remove kcm->tx_stopped and replace it by the less error-prone disable_work_sync().

Vendor	Product	Versions
Linux	Linux	affected `ab7ac4eb9832e32a09f4e8042705484d2fb0aad3 - < c0bffbc92a1ca3960fb9cdb8e9f75a68468eb308` affected `ab7ac4eb9832e32a09f4e8042705484d2fb0aad3 - < 7275dc3bb8f91b23125ff3f47b6529935cf46152` affected `ab7ac4eb9832e32a09f4e8042705484d2fb0aad3 - < 798733ee5d5788b12e8a52db1519abc17e826f69` affected `ab7ac4eb9832e32a09f4e8042705484d2fb0aad3 - < 52565a935213cd6a8662ddb8efe5b4219343a25d`
Linux	Linux	affected `4.6` unaffected `0 - < 4.6` unaffected `6.12.43 - <= 6.12.` unaffected `6.15.11 - <= 6.15.` unaffected `6.16.2 - <= 6.16.*` +1 more versions

References

https://git.kernel.org/stable/c/c0bffbc92a1ca3960fb9cdb8e9f75a68468eb308

https://git.kernel.org/stable/c/7275dc3bb8f91b23125ff3f47b6529935cf46152

https://git.kernel.org/stable/c/798733ee5d5788b12e8a52db1519abc17e826f69

https://git.kernel.org/stable/c/52565a935213cd6a8662ddb8efe5b4219343a25d

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-38717

Description

Affected Products

References