{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-38213", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2025-04-16T04:51:23.995Z", "datePublished": "2025-07-04T13:37:31.709Z", "dateUpdated": "2025-07-04T13:37:31.709Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-07-04T13:37:31.709Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nvgacon: Add check for vc_origin address range in vgacon_scroll()\n\nOur in-house Syzkaller reported the following BUG (twice), which we\nbelieved was the same issue with [1]:\n\n==================================================================\nBUG: KASAN: slab-out-of-bounds in vcs_scr_readw+0xc2/0xd0 drivers/tty/vt/vt.c:4740\nRead of size 2 at addr ffff88800f5bef60 by task syz.7.2620/12393\n...\nCall Trace:\n <TASK>\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x72/0xa0 lib/dump_stack.c:106\n print_address_description.constprop.0+0x6b/0x3d0 mm/kasan/report.c:364\n print_report+0xba/0x280 mm/kasan/report.c:475\n kasan_report+0xa9/0xe0 mm/kasan/report.c:588\n vcs_scr_readw+0xc2/0xd0 drivers/tty/vt/vt.c:4740\n vcs_write_buf_noattr drivers/tty/vt/vc_screen.c:493 [inline]\n vcs_write+0x586/0x840 drivers/tty/vt/vc_screen.c:690\n vfs_write+0x219/0x960 fs/read_write.c:584\n ksys_write+0x12e/0x260 fs/read_write.c:639\n do_syscall_x64 arch/x86/entry/common.c:51 [inline]\n do_syscall_64+0x59/0x110 arch/x86/entry/common.c:81\n entry_SYSCALL_64_after_hwframe+0x78/0xe2\n ...\n </TASK>\n\nAllocated by task 5614:\n kasan_save_stack+0x20/0x40 mm/kasan/common.c:45\n kasan_set_track+0x25/0x30 mm/kasan/common.c:52\n ____kasan_kmalloc mm/kasan/common.c:374 [inline]\n __kasan_kmalloc+0x8f/0xa0 mm/kasan/common.c:383\n kasan_kmalloc include/linux/kasan.h:201 [inline]\n __do_kmalloc_node mm/slab_common.c:1007 [inline]\n __kmalloc+0x62/0x140 mm/slab_common.c:1020\n kmalloc include/linux/slab.h:604 [inline]\n kzalloc include/linux/slab.h:721 [inline]\n vc_do_resize+0x235/0xf40 drivers/tty/vt/vt.c:1193\n vgacon_adjust_height+0x2d4/0x350 drivers/video/console/vgacon.c:1007\n vgacon_font_set+0x1f7/0x240 drivers/video/console/vgacon.c:1031\n con_font_set drivers/tty/vt/vt.c:4628 [inline]\n con_font_op+0x4da/0xa20 drivers/tty/vt/vt.c:4675\n vt_k_ioctl+0xa10/0xb30 drivers/tty/vt/vt_ioctl.c:474\n vt_ioctl+0x14c/0x1870 drivers/tty/vt/vt_ioctl.c:752\n tty_ioctl+0x655/0x1510 drivers/tty/tty_io.c:2779\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:871 [inline]\n __se_sys_ioctl+0x12d/0x190 fs/ioctl.c:857\n do_syscall_x64 arch/x86/entry/common.c:51 [inline]\n do_syscall_64+0x59/0x110 arch/x86/entry/common.c:81\n entry_SYSCALL_64_after_hwframe+0x78/0xe2\n\nLast potentially related work creation:\n kasan_save_stack+0x20/0x40 mm/kasan/common.c:45\n __kasan_record_aux_stack+0x94/0xa0 mm/kasan/generic.c:492\n __call_rcu_common.constprop.0+0xc3/0xa10 kernel/rcu/tree.c:2713\n netlink_release+0x620/0xc20 net/netlink/af_netlink.c:802\n __sock_release+0xb5/0x270 net/socket.c:663\n sock_close+0x1e/0x30 net/socket.c:1425\n __fput+0x408/0xab0 fs/file_table.c:384\n __fput_sync+0x4c/0x60 fs/file_table.c:465\n __do_sys_close fs/open.c:1580 [inline]\n __se_sys_close+0x68/0xd0 fs/open.c:1565\n do_syscall_x64 arch/x86/entry/common.c:51 [inline]\n do_syscall_64+0x59/0x110 arch/x86/entry/common.c:81\n entry_SYSCALL_64_after_hwframe+0x78/0xe2\n\nSecond to last potentially related work creation:\n kasan_save_stack+0x20/0x40 mm/kasan/common.c:45\n __kasan_record_aux_stack+0x94/0xa0 mm/kasan/generic.c:492\n __call_rcu_common.constprop.0+0xc3/0xa10 kernel/rcu/tree.c:2713\n netlink_release+0x620/0xc20 net/netlink/af_netlink.c:802\n __sock_release+0xb5/0x270 net/socket.c:663\n sock_close+0x1e/0x30 net/socket.c:1425\n __fput+0x408/0xab0 fs/file_table.c:384\n task_work_run+0x154/0x240 kernel/task_work.c:239\n exit_task_work include/linux/task_work.h:45 [inline]\n do_exit+0x8e5/0x1320 kernel/exit.c:874\n do_group_exit+0xcd/0x280 kernel/exit.c:1023\n get_signal+0x1675/0x1850 kernel/signal.c:2905\n arch_do_signal_or_restart+0x80/0x3b0 arch/x86/kernel/signal.c:310\n exit_to_user_mode_loop kernel/entry/common.c:111 [inline]\n exit_to_user_mode_prepare include/linux/entry-common.h:328 [inline]\n __syscall_exit_to_user_mode_work kernel/entry/common.c:207 [inline]\n syscall_exit_to_user_mode+0x1b3/0x1e0 kernel/entry/common.c:218\n do_syscall_64+0x66/0x110 arch/x86/ent\n---truncated---"}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/video/console/vgacon.c"], "versions": [{"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "e44532b1c358bfd2c4c7dc28fd01d47fef09ac70", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "843de5fbfe277e30fb333a7fa033b684c37829ac", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "bf9c07864765864b968e59c7b72db91130d621ca", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "9928ba7de39793a1c7c77b8b9e6ecf6209110311", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "2f4040a5855a59e48296f1b5a7cc0fceea3195b1", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "f20fd54af4e1077fdbca4dd98375a4d1d941e50d", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "499b77fa1416a85fee106e60b240e912bca10cb8", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "864f9963ec6b4b76d104d595ba28110b87158003", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/video/console/vgacon.c"], "versions": [{"version": "2.6.12", "status": "affected"}, {"version": "0", "lessThan": "2.6.12", "status": "unaffected", "versionType": "semver"}, {"version": "5.4.295", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.239", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.186", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.142", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.95", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.12.35", "lessThanOrEqual": "6.12.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.15.4", "lessThanOrEqual": "6.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.16-rc1", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.12", "versionEndExcluding": "5.4.295"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.12", "versionEndExcluding": "5.10.239"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.12", "versionEndExcluding": "5.15.186"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.12", "versionEndExcluding": "6.1.142"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.12", "versionEndExcluding": "6.6.95"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.12", "versionEndExcluding": "6.12.35"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.12", "versionEndExcluding": "6.15.4"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.12", "versionEndExcluding": "6.16-rc1"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/e44532b1c358bfd2c4c7dc28fd01d47fef09ac70"}, {"url": "https://git.kernel.org/stable/c/843de5fbfe277e30fb333a7fa033b684c37829ac"}, {"url": "https://git.kernel.org/stable/c/bf9c07864765864b968e59c7b72db91130d621ca"}, {"url": "https://git.kernel.org/stable/c/9928ba7de39793a1c7c77b8b9e6ecf6209110311"}, {"url": "https://git.kernel.org/stable/c/2f4040a5855a59e48296f1b5a7cc0fceea3195b1"}, {"url": "https://git.kernel.org/stable/c/f20fd54af4e1077fdbca4dd98375a4d1d941e50d"}, {"url": "https://git.kernel.org/stable/c/499b77fa1416a85fee106e60b240e912bca10cb8"}, {"url": "https://git.kernel.org/stable/c/864f9963ec6b4b76d104d595ba28110b87158003"}], "title": "vgacon: Add check for vc_origin address range in vgacon_scroll()", "x_generator": {"engine": "bippy-1.2.0"}}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nvgacon: Add check for vc_origin address range in vgacon_scroll()\n\nOur in-house Syzkaller reported the following BUG (twice), which we\nbelieved was the same issue with [1]:\n\n==================================================================\nBUG: KASAN: slab-out-of-bounds in vcs_scr_readw+0xc2/0xd0 drivers/tty/vt/vt.c:4740\nRead of size 2 at addr ffff88800f5bef60 by task syz.7.2620/12393\n...\nCall Trace:\n <TASK>\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x72/0xa0 lib/dump_stack.c:106\n print_address_description.constprop.0+0x6b/0x3d0 mm/kasan/report.c:364\n print_report+0xba/0x280 mm/kasan/report.c:475\n kasan_report+0xa9/0xe0 mm/kasan/report.c:588\n vcs_scr_readw+0xc2/0xd0 drivers/tty/vt/vt.c:4740\n vcs_write_buf_noattr drivers/tty/vt/vc_screen.c:493 [inline]\n vcs_write+0x586/0x840 drivers/tty/vt/vc_screen.c:690\n vfs_write+0x219/0x960 fs/read_write.c:584\n ksys_write+0x12e/0x260 fs/read_write.c:639\n do_syscall_x64 arch/x86/entry/common.c:51 [inline]\n do_syscall_64+0x59/0x110 arch/x86/entry/common.c:81\n entry_SYSCALL_64_after_hwframe+0x78/0xe2\n ...\n </TASK>\n\nAllocated by task 5614:\n kasan_save_stack+0x20/0x40 mm/kasan/common.c:45\n kasan_set_track+0x25/0x30 mm/kasan/common.c:52\n ____kasan_kmalloc mm/kasan/common.c:374 [inline]\n __kasan_kmalloc+0x8f/0xa0 mm/kasan/common.c:383\n kasan_kmalloc include/linux/kasan.h:201 [inline]\n __do_kmalloc_node mm/slab_common.c:1007 [inline]\n __kmalloc+0x62/0x140 mm/slab_common.c:1020\n kmalloc include/linux/slab.h:604 [inline]\n kzalloc include/linux/slab.h:721 [inline]\n vc_do_resize+0x235/0xf40 drivers/tty/vt/vt.c:1193\n vgacon_adjust_height+0x2d4/0x350 drivers/video/console/vgacon.c:1007\n vgacon_font_set+0x1f7/0x240 drivers/video/console/vgacon.c:1031\n con_font_set drivers/tty/vt/vt.c:4628 [inline]\n con_font_op+0x4da/0xa20 drivers/tty/vt/vt.c:4675\n vt_k_ioctl+0xa10/0xb30 drivers/tty/vt/vt_ioctl.c:474\n vt_ioctl+0x14c/0x1870 drivers/tty/vt/vt_ioctl.c:752\n tty_ioctl+0x655/0x1510 drivers/tty/tty_io.c:2779\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:871 [inline]\n __se_sys_ioctl+0x12d/0x190 fs/ioctl.c:857\n do_syscall_x64 arch/x86/entry/common.c:51 [inline]\n do_syscall_64+0x59/0x110 arch/x86/entry/common.c:81\n entry_SYSCALL_64_after_hwframe+0x78/0xe2\n\nLast potentially related work creation:\n kasan_save_stack+0x20/0x40 mm/kasan/common.c:45\n __kasan_record_aux_stack+0x94/0xa0 mm/kasan/generic.c:492\n __call_rcu_common.constprop.0+0xc3/0xa10 kernel/rcu/tree.c:2713\n netlink_release+0x620/0xc20 net/netlink/af_netlink.c:802\n __sock_release+0xb5/0x270 net/socket.c:663\n sock_close+0x1e/0x30 net/socket.c:1425\n __fput+0x408/0xab0 fs/file_table.c:384\n __fput_sync+0x4c/0x60 fs/file_table.c:465\n __do_sys_close fs/open.c:1580 [inline]\n __se_sys_close+0x68/0xd0 fs/open.c:1565\n do_syscall_x64 arch/x86/entry/common.c:51 [inline]\n do_syscall_64+0x59/0x110 arch/x86/entry/common.c:81\n entry_SYSCALL_64_after_hwframe+0x78/0xe2\n\nSecond to last potentially related work creation:\n kasan_save_stack+0x20/0x40 mm/kasan/common.c:45\n __kasan_record_aux_stack+0x94/0xa0 mm/kasan/generic.c:492\n __call_rcu_common.constprop.0+0xc3/0xa10 kernel/rcu/tree.c:2713\n netlink_release+0x620/0xc20 net/netlink/af_netlink.c:802\n __sock_release+0xb5/0x270 net/socket.c:663\n sock_close+0x1e/0x30 net/socket.c:1425\n __fput+0x408/0xab0 fs/file_table.c:384\n task_work_run+0x154/0x240 kernel/task_work.c:239\n exit_task_work include/linux/task_work.h:45 [inline]\n do_exit+0x8e5/0x1320 kernel/exit.c:874\n do_group_exit+0xcd/0x280 kernel/exit.c:1023\n get_signal+0x1675/0x1850 kernel/signal.c:2905\n arch_do_signal_or_restart+0x80/0x3b0 arch/x86/kernel/signal.c:310\n exit_to_user_mode_loop kernel/entry/common.c:111 [inline]\n exit_to_user_mode_prepare include/linux/entry-common.h:328 [inline]\n __syscall_exit_to_user_mode_work kernel/entry/common.c:207 [inline]\n syscall_exit_to_user_mode+0x1b3/0x1e0 kernel/entry/common.c:218\n do_syscall_64+0x66/0x110 arch/x86/ent\n---truncated---"}], "id": "CVE-2025-38213", "lastModified": "2025-07-04T14:15:29.710", "metrics": {}, "published": "2025-07-04T14:15:29.710", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/2f4040a5855a59e48296f1b5a7cc0fceea3195b1"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/499b77fa1416a85fee106e60b240e912bca10cb8"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/843de5fbfe277e30fb333a7fa033b684c37829ac"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/864f9963ec6b4b76d104d595ba28110b87158003"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/9928ba7de39793a1c7c77b8b9e6ecf6209110311"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/bf9c07864765864b968e59c7b72db91130d621ca"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/e44532b1c358bfd2c4c7dc28fd01d47fef09ac70"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/f20fd54af4e1077fdbca4dd98375a4d1d941e50d"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Received"}

{"bugzilla": {"description": "kernel: vgacon: Add check for vc_origin address range in vgacon_scroll()", "id": "2376360", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2376360"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "details": ["In the Linux kernel, the following vulnerability has been resolved:\nvgacon: Add check for vc_origin address range in vgacon_scroll()\nOur in-house Syzkaller reported the following BUG (twice), which we\nbelieved was the same issue with [1]:\n==================================================================\nBUG: KASAN: slab-out-of-bounds in vcs_scr_readw+0xc2/0xd0 drivers/tty/vt/vt.c:4740\nRead of size 2 at addr ffff88800f5bef60 by task syz.7.2620/12393\n...\nCall Trace:\n<TASK>\n__dump_stack lib/dump_stack.c:88 [inline]\ndump_stack_lvl+0x72/0xa0 lib/dump_stack.c:106\nprint_address_description.constprop.0+0x6b/0x3d0 mm/kasan/report.c:364\nprint_report+0xba/0x280 mm/kasan/report.c:475\nkasan_report+0xa9/0xe0 mm/kasan/report.c:588\nvcs_scr_readw+0xc2/0xd0 drivers/tty/vt/vt.c:4740\nvcs_write_buf_noattr drivers/tty/vt/vc_screen.c:493 [inline]\nvcs_write+0x586/0x840 drivers/tty/vt/vc_screen.c:690\nvfs_write+0x219/0x960 fs/read_write.c:584\nksys_write+0x12e/0x260 fs/read_write.c:639\ndo_syscall_x64 arch/x86/entry/common.c:51 [inline]\ndo_syscall_64+0x59/0x110 arch/x86/entry/common.c:81\nentry_SYSCALL_64_after_hwframe+0x78/0xe2\n...\n</TASK>\nAllocated by task 5614:\nkasan_save_stack+0x20/0x40 mm/kasan/common.c:45\nkasan_set_track+0x25/0x30 mm/kasan/common.c:52\n____kasan_kmalloc mm/kasan/common.c:374 [inline]\n__kasan_kmalloc+0x8f/0xa0 mm/kasan/common.c:383\nkasan_kmalloc include/linux/kasan.h:201 [inline]\n__do_kmalloc_node mm/slab_common.c:1007 [inline]\n__kmalloc+0x62/0x140 mm/slab_common.c:1020\nkmalloc include/linux/slab.h:604 [inline]\nkzalloc include/linux/slab.h:721 [inline]\nvc_do_resize+0x235/0xf40 drivers/tty/vt/vt.c:1193\nvgacon_adjust_height+0x2d4/0x350 drivers/video/console/vgacon.c:1007\nvgacon_font_set+0x1f7/0x240 drivers/video/console/vgacon.c:1031\ncon_font_set drivers/tty/vt/vt.c:4628 [inline]\ncon_font_op+0x4da/0xa20 drivers/tty/vt/vt.c:4675\nvt_k_ioctl+0xa10/0xb30 drivers/tty/vt/vt_ioctl.c:474\nvt_ioctl+0x14c/0x1870 drivers/tty/vt/vt_ioctl.c:752\ntty_ioctl+0x655/0x1510 drivers/tty/tty_io.c:2779\nvfs_ioctl fs/ioctl.c:51 [inline]\n__do_sys_ioctl fs/ioctl.c:871 [inline]\n__se_sys_ioctl+0x12d/0x190 fs/ioctl.c:857\ndo_syscall_x64 arch/x86/entry/common.c:51 [inline]\ndo_syscall_64+0x59/0x110 arch/x86/entry/common.c:81\nentry_SYSCALL_64_after_hwframe+0x78/0xe2\nLast potentially related work creation:\nkasan_save_stack+0x20/0x40 mm/kasan/common.c:45\n__kasan_record_aux_stack+0x94/0xa0 mm/kasan/generic.c:492\n__call_rcu_common.constprop.0+0xc3/0xa10 kernel/rcu/tree.c:2713\nnetlink_release+0x620/0xc20 net/netlink/af_netlink.c:802\n__sock_release+0xb5/0x270 net/socket.c:663\nsock_close+0x1e/0x30 net/socket.c:1425\n__fput+0x408/0xab0 fs/file_table.c:384\n__fput_sync+0x4c/0x60 fs/file_table.c:465\n__do_sys_close fs/open.c:1580 [inline]\n__se_sys_close+0x68/0xd0 fs/open.c:1565\ndo_syscall_x64 arch/x86/entry/common.c:51 [inline]\ndo_syscall_64+0x59/0x110 arch/x86/entry/common.c:81\nentry_SYSCALL_64_after_hwframe+0x78/0xe2\nSecond to last potentially related work creation:\nkasan_save_stack+0x20/0x40 mm/kasan/common.c:45\n__kasan_record_aux_stack+0x94/0xa0 mm/kasan/generic.c:492\n__call_rcu_common.constprop.0+0xc3/0xa10 kernel/rcu/tree.c:2713\nnetlink_release+0x620/0xc20 net/netlink/af_netlink.c:802\n__sock_release+0xb5/0x270 net/socket.c:663\nsock_close+0x1e/0x30 net/socket.c:1425\n__fput+0x408/0xab0 fs/file_table.c:384\ntask_work_run+0x154/0x240 kernel/task_work.c:239\nexit_task_work include/linux/task_work.h:45 [inline]\ndo_exit+0x8e5/0x1320 kernel/exit.c:874\ndo_group_exit+0xcd/0x280 kernel/exit.c:1023\nget_signal+0x1675/0x1850 kernel/signal.c:2905\narch_do_signal_or_restart+0x80/0x3b0 arch/x86/kernel/signal.c:310\nexit_to_user_mode_loop kernel/entry/common.c:111 [inline]\nexit_to_user_mode_prepare include/linux/entry-common.h:328 [inline]\n__syscall_exit_to_user_mode_work kernel/entry/common.c:207 [inline]\nsyscall_exit_to_user_mode+0x1b3/0x1e0 kernel/entry/common.c:218\ndo_syscall_64+0x66/0x110 arch/x86/ent\n---truncated---"], "name": "CVE-2025-38213", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Fix deferred", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Fix deferred", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Fix deferred", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Fix deferred", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Fix deferred", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2025-07-04T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2025-38213\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-38213\nhttps://lore.kernel.org/linux-cve-announce/2025070422-CVE-2025-38213-c3e3@gregkh/T"], "threat_severity": "Low"}