State Pointer Initialization Flaw in Linux Kernel Affects Multiple Systems
CVE-2025-38675
What is CVE-2025-38675?
A vulnerability in the Linux kernel involves improper initialization of state pointers during context switching. The issue arises when preemption occurs: a lookup on one CPU may incorrectly reference states associated with another CPU. If not adequately addressed, the flaw could enable unsafe operations when the code is modified in the future, so it calls for immediate attention and resolution. The patch ensures that the state pointers are properly initialized after the read locks are acquired, which mitigates this potential misuse.
Affected Version(s)
Linux a16871c7832ea6435abb6e0b58289ae7dcb7e4fc < 6bf2daafc51bcb9272c0fdff2afd38217337d0d3
Linux e952837f3ddb0ff726d5b582aa1aad9aa38d024d < 463562f9591742be62ddde3b426a0533ed496955
Linux e952837f3ddb0ff726d5b582aa1aad9aa38d024d < 94d077c331730510d5611b438640a292097341f0