Race Condition Vulnerability in Linux Kernel ATM Component
CVE-2025-38245
Currently unrated
What is CVE-2025-38245?
A race condition has been identified in the Linux kernel’s ATM subsystem. This occurs during the deregistration of devices in the atm_dev_deregister() function. Specifically, the mutex is released after removing the device, which can result in a brief period where the device is no longer on the device list, but related procfs/sysfs entries remain active. If a device is being added during this window, it may lead to warnings or failures due to duplicate registrations. To mitigate this issue, the mutex should be held until all procfs/sysfs entries are completely removed.
Affected Version(s)
Linux 64bf69ddff7637b7ed7acf9b2a823cc0ee519439
Linux 64bf69ddff7637b7ed7acf9b2a823cc0ee519439
Linux 64bf69ddff7637b7ed7acf9b2a823cc0ee519439