CVE-2025-38037 | THREATINT

Description

In the Linux kernel, the following vulnerability has been resolved: vxlan: Annotate FDB data races The 'used' and 'updated' fields in the FDB entry structure can be accessed concurrently by multiple threads, leading to reports such as [1]. Can be reproduced using [2]. Suppress these reports by annotating these accesses using READ_ONCE() / WRITE_ONCE(). [1] BUG: KCSAN: data-race in vxlan_xmit / vxlan_xmit write to 0xffff942604d263a8 of 8 bytes by task 286 on cpu 0: vxlan_xmit+0xb29/0x2380 dev_hard_start_xmit+0x84/0x2f0 __dev_queue_xmit+0x45a/0x1650 packet_xmit+0x100/0x150 packet_sendmsg+0x2114/0x2ac0 __sys_sendto+0x318/0x330 __x64_sys_sendto+0x76/0x90 x64_sys_call+0x14e8/0x1c00 do_syscall_64+0x9e/0x1a0 entry_SYSCALL_64_after_hwframe+0x77/0x7f read to 0xffff942604d263a8 of 8 bytes by task 287 on cpu 2: vxlan_xmit+0xadf/0x2380 dev_hard_start_xmit+0x84/0x2f0 __dev_queue_xmit+0x45a/0x1650 packet_xmit+0x100/0x150 packet_sendmsg+0x2114/0x2ac0 __sys_sendto+0x318/0x330 __x64_sys_sendto+0x76/0x90 x64_sys_call+0x14e8/0x1c00 do_syscall_64+0x9e/0x1a0 entry_SYSCALL_64_after_hwframe+0x77/0x7f value changed: 0x00000000fffbac6e -> 0x00000000fffbac6f Reported by Kernel Concurrency Sanitizer on: CPU: 2 UID: 0 PID: 287 Comm: mausezahn Not tainted 6.13.0-rc7-01544-gb4b270f11a02 #5 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-3.fc41 04/01/2014 [2] #!/bin/bash set +H echo whitelist > /sys/kernel/debug/kcsan echo !vxlan_xmit > /sys/kernel/debug/kcsan ip link add name vx0 up type vxlan id 10010 dstport 4789 local 192.0.2.1 bridge fdb add 00:11:22:33:44:55 dev vx0 self static dst 198.51.100.1 taskset -c 0 mausezahn vx0 -a own -b 00:11:22:33:44:55 -c 0 -q & taskset -c 2 mausezahn vx0 -a own -b 00:11:22:33:44:55 -c 0 -q &

Reserved 2025-04-16 | Published 2025-06-18 | Updated 2025-06-18 | Assigner Linux

Product status

Default status

unaffected

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before 02a33b1035a307453a1da6ce0a1bf3676be287d7

affected

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before 87d076987a9ba106c83412fcd113656f71af05a1

affected

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before e033da39fc6abbddab6c29624acef80757f273fa

affected

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before 784b78295a3a58bf052339dd669e6e03710220d3

affected

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before 13cba3f837903f7184d6e9b6137d5165ffe82a8f

affected

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before a6644aeb8ddf196dec5f8e782293c36f065df4d7

affected

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before 4eceb7eae6ea7c950384c34e6dbbe872c981935f

affected

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before f6205f8215f12a96518ac9469ff76294ae7bd612

affected

Default status

affected

5.4.294

unaffected

5.10.238

unaffected

5.15.185

unaffected

6.1.141

unaffected

6.6.93

unaffected

6.12.31

unaffected

6.14.9

unaffected

6.15

unaffected

References

git.kernel.org/...c/02a33b1035a307453a1da6ce0a1bf3676be287d7

git.kernel.org/...c/87d076987a9ba106c83412fcd113656f71af05a1

git.kernel.org/...c/e033da39fc6abbddab6c29624acef80757f273fa

git.kernel.org/...c/784b78295a3a58bf052339dd669e6e03710220d3

git.kernel.org/...c/13cba3f837903f7184d6e9b6137d5165ffe82a8f

git.kernel.org/...c/a6644aeb8ddf196dec5f8e782293c36f065df4d7

git.kernel.org/...c/4eceb7eae6ea7c950384c34e6dbbe872c981935f

git.kernel.org/...c/f6205f8215f12a96518ac9469ff76294ae7bd612

cve.org (CVE-2025-38037)

nvd.nist.gov (CVE-2025-38037)

Download JSON