Use-After-Free Vulnerability in Linux Kernel's Eventpoll Handling
CVE-2025-38349
What is CVE-2025-38349?
A significant vulnerability has been identified in the Linux kernel related to the eventpoll mechanism, which can lead to a use-after-free condition. This occurs when the reference count of an eventpoll instance is decremented while still holding the associated mutex. If another thread acquires this mutex and frees the eventpoll instance concurrently, it can result in the first thread accessing freed memory. This vulnerability underlines the importance of careful mutex management and proper reference counting to ensure memory safety within the kernel. The issue has been addressed by altering the refcount decrement process to occur outside of the mutex, thereby enhancing protection against such race conditions.
Affected Version(s)
Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 521e9ff0b67c66a17d6f9593dfccafaa984aae4c
Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 6dee745bd0aec9d399df674256e7b1ecdb615444
Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 605c18698ecfa99165f36b7f59d3ed503e169814