CVE-2025-38210

EPSS 0.03%
Published 04.07.2025 13:37:29
Last modified 08.07.2025 16:18:53
Source 416baaa9-dc9f-4396-8d5f-8c081f
Teams watchlist Login
Open Login

In the Linux kernel, the following vulnerability has been resolved:

configfs-tsm-report: Fix NULL dereference of tsm_ops

Unlike sysfs, the lifetime of configfs objects is controlled by
userspace. There is no mechanism for the kernel to find and delete all
created config-items. Instead, the configfs-tsm-report mechanism has an
expectation that tsm_unregister() can happen at any time and cause
established config-item access to start failing.

That expectation is not fully satisfied. While tsm_report_read(),
tsm_report_{is,is_bin}_visible(), and tsm_report_make_item() safely fail
if tsm_ops have been unregistered, tsm_report_privlevel_store()
tsm_report_provider_show() fail to check for ops registration. Add the
missing checks for tsm_ops having been removed.

Now, in supporting the ability for tsm_unregister() to always succeed,
it leaves the problem of what to do with lingering config-items. The
expectation is that the admin that arranges for the ->remove() (unbind)
of the ${tsm_arch}-guest driver is also responsible for deletion of all
open config-items. Until that deletion happens, ->probe() (reload /
bind) of the ${tsm_arch}-guest driver fails.

This allows for emergency shutdown / revocation of attestation
interfaces, and requires coordinated restart.

Affected products Warnungen 0 Metrics 1 CWE 0 References 6

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

This information is available to logged-in users.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

VendorLinux

≫

Product Linux

Default Statusunaffected

Version < 015f04ac884a454d4d8aaa7b67758f047742b1cf

Version 70e6f7e2b98575621019aa40ac616be58ff984e0

Status affected

Version < cefbafcbdef011d6ef9414902311afdfba3c33eb

Version 70e6f7e2b98575621019aa40ac616be58ff984e0

Status affected

Version < fba4ceaa242d2bdf4c04b77bda41d32d02d3925d

Version 70e6f7e2b98575621019aa40ac616be58ff984e0

Status affected

VendorLinux

≫

Product Linux

Default Statusaffected

Version 6.7

Status affected

Version < 6.7

Version 0

Status unaffected

Version <= 6.12.*

Version 6.12.35

Status unaffected

Version <= 6.15.*

Version 6.15.4

Status unaffected

Version <= *

Version 6.16

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.03%	0.052

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string

https://git.kernel.org/stable/c/015f04ac884a454d4d8aaa7b67758f047742b1cf

https://git.kernel.org/stable/c/cefbafcbdef011d6ef9414902311afdfba3c33eb

https://git.kernel.org/stable/c/fba4ceaa242d2bdf4c04b77bda41d32d02d3925d

https://nvd.nist.gov/vuln/detail/CVE-2025-38210

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-38210

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-38210

EUVD