目标达成 感谢每一位支持者 — 我们达成了 100% 目标!

目标: 1000 元 · 已筹: 1336

100%

CVE-2025-38524— Linux kernel 安全漏洞

AI 预测 5.5 利用难度: 困难 EPSS 0.10% · P1

影响版本矩阵 10

厂商产品版本范围状态
LinuxLinux248f219cb8bcbfbd7f132752d44afa2df7c241d1< 7692bde890061797f3dece0148d7859e85c55778affected
248f219cb8bcbfbd7f132752d44afa2df7c241d1< 839fe96c15209dc2255c064bb44b636efe04f032affected
248f219cb8bcbfbd7f132752d44afa2df7c241d1< 6c75a97a32a5fa2060c3dd30207e63b6914b606daffected
248f219cb8bcbfbd7f132752d44afa2df7c241d1< 962fb1f651c2cf2083e0c3ef53ba69e3b96d3fbcaffected
4.9affected
< 4.9unaffected
6.6.100≤ 6.6.*unaffected
6.12.40≤ 6.12.*unaffected
… +2 条更多
获取后续新漏洞提醒登录后订阅

一、 漏洞 CVE-2025-38524 基础信息

漏洞信息

对漏洞内容有疑问?看看神龙的深度分析是否有帮助!
查看神龙十问 ↗

尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。

Vulnerability Title
rxrpc: Fix recv-recv race of completed call
来源: 美国国家漏洞数据库 NVD
Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix recv-recv race of completed call If a call receives an event (such as incoming data), the call gets placed on the socket's queue and a thread in recvmsg can be awakened to go and process it. Once the thread has picked up the call off of the queue, further events will cause it to be requeued, and once the socket lock is dropped (recvmsg uses call->user_mutex to allow the socket to be used in parallel), a second thread can come in and its recvmsg can pop the call off the socket queue again. In such a case, the first thread will be receiving stuff from the call and the second thread will be blocked on call->user_mutex. The first thread can, at this point, process both the event that it picked call for and the event that the second thread picked the call for and may see the call terminate - in which case the call will be "released", decoupling the call from the user call ID assigned to it (RXRPC_USER_CALL_ID in the control message). The first thread will return okay, but then the second thread will wake up holding the user_mutex and, if it sees that the call has been released by the first thread, it will BUG thusly: kernel BUG at net/rxrpc/recvmsg.c:474! Fix this by just dequeuing the call and ignoring it if it is seen to be already released. We can't tell userspace about it anyway as the user call ID has become stale.
来源: 美国国家漏洞数据库 NVD
CVSS Information
N/A
来源: 美国国家漏洞数据库 NVD
Vulnerability Type
N/A
来源: 美国国家漏洞数据库 NVD
Vulnerability Title
Linux kernel 安全漏洞
来源: 中国国家信息安全漏洞库 CNNVD
Vulnerability Description
Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel存在安全漏洞,该漏洞源于rxrpc在已完成调用上存在接收竞争,可能导致用户调用ID泄漏。
来源: 中国国家信息安全漏洞库 CNNVD
CVSS Information
N/A
来源: 中国国家信息安全漏洞库 CNNVD
Vulnerability Type
N/A
来源: 中国国家信息安全漏洞库 CNNVD

受影响产品

厂商产品影响版本CPE订阅
LinuxLinux 248f219cb8bcbfbd7f132752d44afa2df7c241d1 ~ 7692bde890061797f3dece0148d7859e85c55778 -
LinuxLinux 4.9 -

二、漏洞 CVE-2025-38524 的公开POC

#POC 描述源链接神龙链接
AI 生成 POC高级

未找到公开 POC。

登录以生成 AI POC

三、漏洞 CVE-2025-38524 的情报信息

登录查看更多情报信息。

CVE-2025-38524 补丁与修复 (4)

同批安全公告 · Linux · 2025-08-16 · 共 59 条

CVE-2025-38519Linux kernel 安全漏洞
CVE-2025-38507Linux kernel 安全漏洞
CVE-2025-38504Linux kernel 安全漏洞
CVE-2025-38505Linux kernel 安全漏洞
CVE-2025-38506Linux kernel 安全漏洞
CVE-2025-38503Linux kernel 安全漏洞
CVE-2025-38515Linux kernel 安全漏洞
CVE-2025-38516Linux kernel 安全漏洞
CVE-2025-38517Linux kernel 安全漏洞
CVE-2025-38518Linux kernel 安全漏洞
CVE-2025-38514Linux kernel 安全漏洞
CVE-2025-38520Linux kernel 安全漏洞
CVE-2025-38521Linux kernel 安全漏洞
CVE-2025-38522Linux kernel 安全漏洞
CVE-2025-38523Linux kernel 安全漏洞
CVE-2025-38525Linux kernel 安全漏洞
CVE-2025-38526Linux kernel 安全漏洞
CVE-2025-38527Linux kernel 安全漏洞
CVE-2025-38528Linux kernel 安全漏洞
CVE-2025-38529Linux kernel 安全漏洞

显示前 20 条,共 59 条。 查看全部 &rarr; →

IV. Related Vulnerabilities

V. Comments for CVE-2025-38524

暂无评论


发表评论