Use-After-Free Vulnerability in Linux Kernel Affected by AppleTalk Module
CVE-2025-38666

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
22 August 2025

What is CVE-2025-38666?

A use-after-free vulnerability in the Linux kernel's AppleTalk module has been identified, originating from a race condition during the AARP proxy-probe routine. When the function aarp_proxy_probe_network is called, it acquires a lock and allocates memory for an AARP entry. However, while the lock is released and the process sleeps momentarily, a timer thread can remove and free the same entry, leading to potential exploitation. This mismanagement of memory can result in unauthorized access or manipulation of the underlying data structures, posing a significant risk to system stability and security. The vulnerability has been addressed in subsequent kernel updates.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 82d19a70ced28b17a38ebf1b6978c6c7db894979

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 186942d19c0222617ef61f50e1dba91e269a5963

References

https://git.kernel.org/stable/c/b35694ffabb2af308a1f725d7...
https://git.kernel.org/stable/c/82d19a70ced28b17a38ebf1b6...
https://git.kernel.org/stable/c/186942d19c0222617ef61f50e...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.