216.73.217.98

CVE-2025-38617

· Published 22/08/2025 14:15 · Modified 22/08/2025 18:08

Labels: CVE-2025-38617 2025-08-22416baaa9-dc9f-4396-8d5f-8c081fb06d67CVE-2025-38617

Essential information

Published
22/08/2025 14:15
Modified
22/08/2025 18:08
Author
Creator
CISA KEV
No
CWE

Description

In the Linux kernel, the following vulnerability has been resolved: net/packet: fix a race in packet_set_ring() and packet_notifier() When packet_set_ring() releases po->bind_lock, another thread can run packet_notifier() and process an NETDEV_UP event. This race and the fix are both similar to that of commit 15fe076edea7 ("net/packet: fix a race in packet_bind() and packet_notifier()"). There too the packet_notifier NETDEV_UP event managed to run while a po->bind_lock critical section had to be temporarily released. And the fix was similarly to temporarily set po->num to zero to keep the socket unhooked until the lock is retaken. The po->bind_lock in packet_set_ring and packet_notifier precede the introduction of git history.

NVD status

Status
Awaiting Analysis — CVE has been recently published to the CVE List and has been received by the NVD.
Source
416baaa9-dc9f-4396-8d5f-8c081fb06d67
NVD
View on NVD

Affected products (CPE)

ProductCPE
linux / kernel cpe:2.3:a:linux:kernel:*:*:*:*:*:*:*:*

References