Race Condition in Linux Kernel Coresight Configuration Affecting CPU Performance
CVE-2025-38132

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 3 July 2025

What is CVE-2025-38132?

A race condition vulnerability has been identified in the Linux kernel's coresight configuration, which may lead to inconsistent system behavior during performance monitoring. This issue arises from improper locking mechanisms, allowing multiple CPUs to interact with the configuration simultaneously. Specifically, while one CPU activates a configuration, another may attempt to deactivate it, leading to unpredictable states and potential system instability. A resolution has been implemented to ensure that the configuration lock is maintained during critical operations, thereby enhancing the reliability and performance of CPU-related tasks.

Affected Version(s)

Linux 02bd588e12df405bdf55244708151b7f238b79ba < 42f8afb0b161631fd1d814d017f75f955475ad41

Linux 02bd588e12df405bdf55244708151b7f238b79ba < 53b9e2659719b04f5ba7593f2af0f2335f75e94a

Linux 5.17

References

https://git.kernel.org/stable/c/42f8afb0b161631fd1d814d01...

https://git.kernel.org/stable/c/53b9e2659719b04f5ba7593f2...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 3, 2025
Vulnerability Reserved
Apr 16, 2025