-
CVE-2025-38131
- EPSS 0.03%
- Published 03.07.2025 08:35:35
- Last modified 03.07.2025 15:13:53
- Source 416baaa9-dc9f-4396-8d5f-8c081f
- Teams watchlist Login
- Open Login
In the Linux kernel, the following vulnerability has been resolved:
coresight: prevent deactivate active config while enabling the config
While enable active config via cscfg_csdev_enable_active_config(),
active config could be deactivated via configfs' sysfs interface.
This could make UAF issue in below scenario:
CPU0 CPU1
(sysfs enable) load module
cscfg_load_config_sets()
activate config. // sysfs
(sys_active_cnt == 1)
...
cscfg_csdev_enable_active_config()
lock(csdev->cscfg_csdev_lock)
// here load config activate by CPU1
unlock(csdev->cscfg_csdev_lock)
deactivate config // sysfs
(sys_activec_cnt == 0)
cscfg_unload_config_sets()
unload module
// access to config_desc which freed
// while unloading module.
cscfg_csdev_enable_config
To address this, use cscfg_config_desc's active_cnt as a reference count
which will be holded when
- activate the config.
- enable the activated config.
and put the module reference when config_active_cnt == 0.Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
This information is available to logged-in users. Login
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
VendorLinux
≫
Product
Linux
Default Statusunaffected
Version <
dfe8224c9c7a43d356eb9f74b06868aa05f90223
Version
f8cce2ff3c04361b8843d8489620fda8880f668b
Status
affected
Version <
b3b4efa2e623aecaebd7c9b9e4171f5c659e9724
Version
f8cce2ff3c04361b8843d8489620fda8880f668b
Status
affected
Version <
31028812724cef7bd57a51525ce58a32a6d73b22
Version
f8cce2ff3c04361b8843d8489620fda8880f668b
Status
affected
Version <
ed42ee1ed05ff2f4c36938379057413a40c56680
Version
f8cce2ff3c04361b8843d8489620fda8880f668b
Status
affected
Version <
408c97c4a5e0b634dcd15bf8b8808b382e888164
Version
f8cce2ff3c04361b8843d8489620fda8880f668b
Status
affected
VendorLinux
≫
Product
Linux
Default Statusaffected
Version
5.15
Status
affected
Version <
5.15
Version
0
Status
unaffected
Version <=
6.1.*
Version
6.1.142
Status
unaffected
Version <=
6.6.*
Version
6.6.94
Status
unaffected
Version <=
6.12.*
Version
6.12.34
Status
unaffected
Version <=
6.15.*
Version
6.15.3
Status
unaffected
Version <=
*
Version
6.16
Status
unaffected
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.03% | 0.058 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|