CVE-2025-38037

MEDIUM EPSS 7.5%
Published Jun 18, 20251y ago · Modified Jun 17, 20261w ago
5.5 CVSS 3.1
Medium
Find Similar
Published Jun 18, 2025 1y ago
Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: vxlan: Annotate FDB data races The 'used' and 'updated' fields in the FDB entry structure can be accessed concurrently by multiple threads, leading to reports such as [1]. Can be reproduced using [2]. Suppress these reports by annotating these accesses using READ_ONCE() / WRITE_ONCE(). [1] BUG: KCSAN: data-race in vxlan_xmit / vxlan_xmit write to 0xffff942604d263a8 of 8 bytes by task 286 on cpu 0: vxlan_xmit+0xb29/0x2380 dev_hard_start_xmit+0x84/0x2f0 __dev_queue_xmit+0x45a/0x1650 packet_xmit+0x100/0x150 packet_sendmsg+0x2114/0x2ac0 __sys_sendto+0x318/0x330 __x64_sys_sendto+0x76/0x90 x64_sys_call+0x14e8/0x1c00 do_syscall_64+0x9e/0x1a0 entry_SYSCALL_64_after_hwframe+0x77/0x7f read to 0xffff942604d263a8 of 8 bytes by task 287 on cpu 2: vxlan_xmit+0xadf/0x2380 dev_hard_start_xmit+0x84/0x2f0 __dev_queue_xmit+0x45a/0x1650 packet_xmit+0x100/0x150 packet_sendmsg+0x2114/0x2ac0 __sys_sendto+0x318/0x330 __x64_sys_sendto+0x76/0x90 x64_sys_call+0x14e8/0x1c00 do_syscall_64+0x9e/0x1a0 entry_SYSCALL_64_after_hwframe+0x77/0x7f value changed: 0x00000000fffbac6e -> 0x00000000fffbac6f Reported by Kernel Concurrency Sanitizer on: CPU: 2 UID: 0 PID: 287 Comm: mausezahn Not tainted 6.13.0-rc7-01544-gb4b270f11a02 #5 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-3.fc41 04/01/2014 [2] #!/bin/bash set +H echo whitelist > /sys/kernel/debug/kcsan echo !vxlan_xmit > /sys/kernel/debug/kcsan ip link add name vx0 up type vxlan id 10010 dstport 4789 local 192.0.2.1 bridge fdb add 00:11:22:33:44:55 dev vx0 self static dst 198.51.100.1 taskset -c 0 mausezahn vx0 -a own -b 00:11:22:33:44:55 -c 0 -q & taskset -c 2 mausezahn vx0 -a own -b 00:11:22:33:44:55 -c 0 -q &

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
7.5% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Affected Products 8

VendorProductVersionRange
linuxlinux_kernel*≥3.7  –  <5.4.294
linuxlinux_kernel*≥5.5  –  <5.10.238
linuxlinux_kernel*≥5.11  –  <5.15.185
linuxlinux_kernel*≥5.16  –  <6.1.141
linuxlinux_kernel*≥6.2  –  <6.6.93
linuxlinux_kernel*≥6.7  –  <6.12.31
linuxlinux_kernel*≥6.13  –  <6.14.9
debiandebian_linux11.0any

References 10

  • git.kernel.org https://git.kernel.org/stable/c/02a33b1035a307453a1da6ce0a1bf3676be287d7
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/13cba3f837903f7184d6e9b6137d5165ffe82a8f
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/4eceb7eae6ea7c950384c34e6dbbe872c981935f
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/784b78295a3a58bf052339dd669e6e03710220d3
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/87d076987a9ba106c83412fcd113656f71af05a1
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/a6644aeb8ddf196dec5f8e782293c36f065df4d7
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/e033da39fc6abbddab6c29624acef80757f273fa
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/f6205f8215f12a96518ac9469ff76294ae7bd612
    Patch
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html
    Third Party Advisory
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html
    Third Party Advisory

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/02a33b1035a307453a1da6ce0a1bf3676be287d7
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/13cba3f837903f7184d6e9b6137d5165ffe82a8f
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/4eceb7eae6ea7c950384c34e6dbbe872c981935f
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/784b78295a3a58bf052339dd669e6e03710220d3
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/87d076987a9ba106c83412fcd113656f71af05a1
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/a6644aeb8ddf196dec5f8e782293c36f065df4d7
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/e033da39fc6abbddab6c29624acef80757f273fa
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/f6205f8215f12a96518ac9469ff76294ae7bd612
    Patch