Race Condition Vulnerability in Linux Kernel ATM Component
CVE-2025-38245

Currently unrated

Key Information:

Vendor

Linux

Status
Vendor
CVE Published:
9 July 2025

What is CVE-2025-38245?

A race condition has been identified in the Linux kernel’s ATM subsystem. This occurs during the deregistration of devices in the atm_dev_deregister() function. Specifically, the mutex is released after removing the device, which can result in a brief period where the device is no longer on the device list, but related procfs/sysfs entries remain active. If a device is being added during this window, it may lead to warnings or failures due to duplicate registrations. To mitigate this issue, the mutex should be held until all procfs/sysfs entries are completely removed.

Affected Version(s)

Linux 64bf69ddff7637b7ed7acf9b2a823cc0ee519439

Linux 64bf69ddff7637b7ed7acf9b2a823cc0ee519439

Linux 64bf69ddff7637b7ed7acf9b2a823cc0ee519439

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2025-38245 : Race Condition Vulnerability in Linux Kernel ATM Component