CVE-2025-38352 | THREATINT

Description

In the Linux kernel, the following vulnerability has been resolved: posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del() If an exiting non-autoreaping task has already passed exit_notify() and calls handle_posix_cpu_timers() from IRQ, it can be reaped by its parent or debugger right after unlock_task_sighand(). If a concurrent posix_cpu_timer_del() runs at that moment, it won't be able to detect timer->it.cpu.firing != 0: cpu_timer_task_rcu() and/or lock_task_sighand() will fail. Add the tsk->exit_state check into run_posix_cpu_timers() to fix this. This fix is not needed if CONFIG_POSIX_CPU_TIMERS_TASK_WORK=y, because exit_task_work() is called before exit_notify(). But the check still makes sense, task_work_add(&tsk->posix_cputimers_work.work) will fail anyway in this case.

PUBLISHED Reserved 2025-04-16 | Published 2025-07-22 | Updated 2026-05-11 | Assigner Linux

CISA Known Exploited Vulnerability

Date added 2025-09-04 | Due date 2025-09-25

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Product status

Default status

unaffected

0bdd2ed4138ec04e09b4f8165981efc99e439f55 (git) before 78a4b8e3795b31dae58762bc091bb0f4f74a2200

affected

0bdd2ed4138ec04e09b4f8165981efc99e439f55 (git) before c076635b3a42771ace7d276de8dc3bc76ee2ba1b

affected

0bdd2ed4138ec04e09b4f8165981efc99e439f55 (git) before 2f3daa04a9328220de46f0d5c919a6c0073a9f0b

affected

0bdd2ed4138ec04e09b4f8165981efc99e439f55 (git) before 764a7a5dfda23f69919441f2eac2a83e7db6e5bb

affected

0bdd2ed4138ec04e09b4f8165981efc99e439f55 (git) before 2c72fe18cc5f9f1750f5bc148cf1c94c29e106ff

affected

0bdd2ed4138ec04e09b4f8165981efc99e439f55 (git) before c29d5318708e67ac13c1b6fc1007d179fb65b4d7

affected

0bdd2ed4138ec04e09b4f8165981efc99e439f55 (git) before 460188bc042a3f40f72d34b9f7fc6ee66b0b757b

affected

0bdd2ed4138ec04e09b4f8165981efc99e439f55 (git) before f90fff1e152dedf52b932240ebbd670d83330eca

affected

Default status

affected

2.6.36

affected

Any version before 2.6.36

unaffected

5.4.295 (semver)

unaffected

5.10.239 (semver)

unaffected

5.15.186 (semver)

unaffected

6.1.142 (semver)

unaffected

6.6.94 (semver)

unaffected

6.12.34 (semver)

unaffected

6.15.3 (semver)

unaffected

6.16 (original_commit_for_fix)

unaffected

References

www.cisa.gov/...erabilities-catalog?field_cve=CVE-2025-38352 government-resource

github.com/farazsth98/chronomaly exploit

lists.debian.org/debian-lts-announce/2025/10/msg00008.html

lists.debian.org/debian-lts-announce/2025/10/msg00007.html

git.kernel.org/...c/78a4b8e3795b31dae58762bc091bb0f4f74a2200

git.kernel.org/...c/c076635b3a42771ace7d276de8dc3bc76ee2ba1b

git.kernel.org/...c/2f3daa04a9328220de46f0d5c919a6c0073a9f0b

git.kernel.org/...c/764a7a5dfda23f69919441f2eac2a83e7db6e5bb

git.kernel.org/...c/2c72fe18cc5f9f1750f5bc148cf1c94c29e106ff

git.kernel.org/...c/c29d5318708e67ac13c1b6fc1007d179fb65b4d7

git.kernel.org/...c/460188bc042a3f40f72d34b9f7fc6ee66b0b757b

git.kernel.org/...c/f90fff1e152dedf52b932240ebbd670d83330eca

cve.org (CVE-2025-38352)

nvd.nist.gov (CVE-2025-38352)

Download JSON

help @ threatint.eu