CVE-2025-38004

7.1 HIGH

📋 TL;DR

A race condition in the Linux kernel's CAN broadcast manager (net/can/bcm.c, module can_bcm) lets the per-operation state of a CAN_BCM socket be rewritten from user space via sendmsg() while a kernel timer or the receive path is still reading it, producing slab-out-of-bounds reads. It affects Linux systems with CAN bus support, which is common in automotive, industrial control and embedded systems. A local user who can open CAN_BCM sockets on a host with a CAN (or vcan) interface can trigger the bad read; the practical outcome is a kernel oops or disclosure of adjacent slab memory. The primitive is an out-of-bounds read, not a write, so "memory corruption" overstates what the bug alone gives an attacker.

💻 Affected Systems

Products:
  • Linux kernel
Versions: Not enumerated in the CVE text. The fix was merged upstream and backported to several stable branches (see the commits under Official Fix). Distribution kernels carry the backport under their own package versions, so compare against the distribution advisory rather than against an upstream version number.
Operating Systems: Linux distributions with vulnerable kernel versions
Default Config Vulnerable: ⚠️ Yes
Notes: Only reachable where CAN BCM support is present (CONFIG_CAN_BCM=y or =m). Most general-purpose distributions build it as a module that is not loaded until something opens a CAN_BCM socket, and that first socket(PF_CAN, SOCK_DGRAM, CAN_BCM) call autoloads it, so "can_bcm is not loaded" does not mean "not affected".

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

⚠️ Risk & Real-World Impact

🔴

Worst Case

Kernel crash (denial of service) or disclosure of adjacent slab memory on a host where an untrusted local user or container workload can reach CAN_BCM. Turning an out-of-bounds read into privilege escalation would require a separate write primitive, and none is described for this CVE.

🟠

Likely Case

Kernel oops or hang (denial of service) on hosts where a local user or container workload can open CAN_BCM sockets, taking down every CAN application on the box; disclosure of adjacent kernel memory is possible in principle.

🟢

If Mitigated

Minimal where CAN BCM is absent from the kernel or blocked from loading, and where untrusted local code cannot open AF_CAN sockets.

🌐 Internet-Facing: LOW - There is no network-reachable trigger; an attacker needs code execution on the host (or in a container sharing its kernel) and a CAN or vcan interface to bind to.
🏢 Internal Only: MEDIUM - Any local user or container workload that can open CAN_BCM sockets on a host with a CAN or vcan interface can crash the kernel; on shared automotive or industrial gateways that is a real denial-of-service path.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

A proof of concept exists that reproduces the KASAN slab-out-of-bounds read. It needs local code execution, a CAN or vcan interface to bind the BCM socket to, and winning the race between a sendmsg() that reconfigures the operation and the timer or receive path that is using it. Opening a CAN_BCM socket itself requires no capability.

🛠️ Fix & Mitigation

✅ Official Fix

Fix commits (upstream and stable backports): 2a437b86ac5a9893c902f30ef66815bf13587bf6, 7595de7bc56e0e52b74e56c90f7e247bf626d628, 76c84c3728178b2d38d5604e399dfe8b0752645e, 8f1c022541bf5a923c8d6fa483112c15250f30a4, c2aba69d0c36a496ab4f2e81e9c2b271f2693fd7

Vendor Advisory: https://git.kernel.org/stable/c/2a437b86ac5a9893c902f30ef66815bf13587bf6

Restart Required: Yes

Instructions:

1. Update to a kernel that contains the fix: on a distribution, install the kernel package named in its advisory for CVE-2025-38004; on a self-built kernel, move to a stable release that contains one of the commits above.
2. Reboot. The fix is kernel code and a running kernel cannot pick it up; a vendor-supplied live patch is the only alternative.
3. After reboot, confirm that uname -r matches the patched package (or that the fix commit is in your tree) and that BCM applications still start and cycle their frames. The fix serializes updates to per-operation state against the timer and receive paths and should be functionally invisible.

🔧 Temporary Workarounds

Disable CAN BCM module

Unload the CAN broadcast manager module on hosts where no application uses it, and stop it from coming back. The module autoloads on demand (any local user's socket(PF_CAN, SOCK_DGRAM, CAN_BCM) call pulls it in), so a blacklist line alone is not enough: blacklist only stops alias-based autoloading, while an install rule makes every load attempt fail. Unloading fails with "Module can_bcm is in use" while BCM sockets are open, and is impossible when CONFIG_CAN_BCM=y (built in); in that case only the kernel update helps.

sudo modprobe -r can_bcm
printf 'install can_bcm /bin/false\nblacklist can_bcm\n' | sudo tee /etc/modprobe.d/disable-can-bcm.conf

Restrict who can open CAN_BCM sockets

SocketCAN interfaces (can0, vcan0) are network interfaces, not device nodes: there is no /dev/can* to chmod, and opening a CAN_BCM socket needs no capability. Limit exposure at the process level instead: deny the AF_CAN address family to services that do not need it with systemd sandboxing, confine the services that do under SELinux (can_socket class) or AppArmor, and make sure hosts that should have no CAN interfaces really have none.

# [Service] section of units that never use CAN
RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6

# hosts that should not have CAN interfaces: both commands should print nothing
ip -details link show type can
ip link show type vcan

🧯 If You Can't Patch

  • Block can_bcm from loading (install rule) on every host that has no CAN application; on hosts that do, keep untrusted users and containers from opening AF_CAN sockets (seccomp, systemd RestrictAddressFamilies, SELinux can_socket)
  • Watch kernel logs for oops or KASAN reports in bcm_* functions, and treat a crash in can_bcm on a multi-user host as a possible exploitation attempt rather than just a bug

🔍 How to Verify

Check if Vulnerable:

Three things matter: whether CAN BCM is built at all, whether it is a module or built in, and whether anything stops it from loading. lsmod only answers "is it loaded right now", and a module that is not loaded still autoloads when a local user opens a CAN_BCM socket.

uname -r
grep CONFIG_CAN_BCM /boot/config-$(uname -r)      # =y built in, =m module, "is not set" absent
lsmod | grep -w can_bcm                            # loaded now?
grep -rE '^(install|blacklist) +can[-_]bcm' /etc/modprobe.d /run/modprobe.d /usr/lib/modprobe.d
ip -details link show type can; ip link show type vcan

Check Version:

uname -r

Distribution kernels backport the fix without changing the upstream version, so the version string alone does not tell you whether the fix is in.

Verify Fix Applied:

Check the distribution advisory or the kernel package changelog for CVE-2025-38004 (package names vary: kernel, kernel-core, linux-image-*):

rpm -q --changelog kernel | grep -m1 CVE-2025-38004
zcat /usr/share/doc/linux-image-$(uname -r)/changelog.Debian.gz | grep -m1 CVE-2025-38004

For a self-built kernel, confirm one of the fix commits listed under Official Fix is an ancestor of what you run, for example git merge-base --is-ancestor 2a437b86ac5a9893c902f30ef66815bf13587bf6 HEAD.
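The checks above are easy to get wrong by hand (lsmod says "not loaded", someone concludes "not affected"). The script below folds them into one verdict. It is an added example for this page, not kernel project code; the verdict names (builtin, loaded, autoload, weak, blocked, absent, unknown) and the script name check-can-bcm.sh are this example's own, and every function takes its input path as an argument so the logic runs against the live system or against files you construct.

```shell
#!/bin/sh
# Exposure check for CVE-2025-38004: is CAN BCM present, loaded, autoloadable
# or blocked on this host? Added example for this page, not kernel project code.

# How CONFIG_CAN_BCM is set in a kernel config (/boot/config-$(uname -r), or
# /proc/config.gz on kernels with CONFIG_IKCONFIG_PROC): y, m, n or unknown.
can_bcm_config() {
    cfg="$1"
    [ -r "$cfg" ] || { echo unknown; return 0; }
    case "$cfg" in
        *.gz) val=$(zcat "$cfg" | sed -n 's/^CONFIG_CAN_BCM=\([ym]\)$/\1/p') ;;
        *)    val=$(sed -n 's/^CONFIG_CAN_BCM=\([ym]\)$/\1/p' "$cfg") ;;
    esac
    echo "${val:-n}"
}

# 1 if can_bcm appears in a /proc/modules-style listing, else 0.
can_bcm_loaded() {
    if grep -q '^can_bcm ' "$1"; then echo 1; else echo 0; fi
}

# Whether a modprobe.d directory blocks the module. modprobe treats '-' and '_'
# in module names as equivalent (the file on disk is can-bcm.ko), so both are accepted.
#   install   - an "install can_bcm ..." rule: every load attempt fails
#   blacklist - only the module's internal alias is ignored: autoload through
#               socket(PF_CAN, SOCK_DGRAM, CAN_BCM) stops, "modprobe can_bcm" still works
#   none      - nothing blocks it
can_bcm_blocked() {
    dir="$1"
    if grep -qsE '^[[:space:]]*install[[:space:]]+can[-_]bcm[[:space:]]' "$dir"/*.conf; then
        echo install
    elif grep -qsE '^[[:space:]]*blacklist[[:space:]]+can[-_]bcm[[:space:]]*$' "$dir"/*.conf; then
        echo blacklist
    else
        echo none
    fi
}

# One verdict from config file, module listing and modprobe.d directory:
#   builtin  - CONFIG_CAN_BCM=y: cannot be unloaded or blocked, only patched
#   loaded   - module is in memory now (modprobe -r fails while BCM sockets are open)
#   autoload - not loaded, but the first CAN_BCM socket from any local user loads it
#   weak     - blacklist only: autoload stopped, an explicit modprobe still works
#   blocked  - install rule in place
#   absent   - kernel has no CAN BCM support
#   unknown  - config not readable
can_bcm_exposure() {
    cfg=$(can_bcm_config "$1")
    loaded=$(can_bcm_loaded "$2")
    blocked=$(can_bcm_blocked "$3")
    case "$cfg" in
        y) echo builtin ;;
        n) echo absent ;;
        unknown) echo unknown ;;
        m)
            if [ "$loaded" = 1 ]; then echo loaded
            elif [ "$blocked" = install ]; then echo blocked
            elif [ "$blocked" = blacklist ]; then echo weak
            else echo autoload
            fi ;;
    esac
}

# When run directly as check-can-bcm.sh, report on the live system. Only
# /etc/modprobe.d is scanned here; /run/modprobe.d and /usr/lib/modprobe.d count too.
if [ "${0##*/}" = "check-can-bcm.sh" ]; then
    cfg="/boot/config-$(uname -r)"
    [ -r "$cfg" ] || cfg=/proc/config.gz
    echo "kernel:  $(uname -r)"
    echo "can_bcm: $(can_bcm_exposure "$cfg" /proc/modules /etc/modprobe.d)"
fi
```

Anything other than blocked or absent means the kernel update is the real fix; loaded and autoload are the states an attacker needs, and weak is the state the page's original blacklist-only workaround leaves you in.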

📡 Detection & Monitoring

Log Indicators:

  • KASAN reports on debug kernels: "BUG: KASAN: slab-out-of-bounds in bcm_can_tx" (or another bcm_* function) with [can_bcm] frames in the call trace
  • Production kernels do not run KASAN; there the same bug surfaces as an oops, "BUG: unable to handle page fault" or general protection fault whose RIP or first call-trace frames are bcm_* symbols tagged [can_bcm], or as nothing at all when the bad read lands in mapped memory
  • Repeated kernel crashes or hangs on hosts where CAN bus applications run

Network Indicators:

  • None reliable: the trigger is the local CAN_BCM socket API (sendmsg() reconfiguring TX/RX operations), not frames on the bus. Odd bus traffic or transmit errors can follow the crash of a BCM-using application but do not identify this CVE.

SIEM Query:

source="kernel" AND ("can_bcm" OR "bcm_can_tx" OR "bcm_tx_setup" OR "bcm_rx_setup" OR "bcm_rx_handler" OR ("KASAN" AND "bcm_"))

Do not key on the bare token "BCM": Broadcom drivers (bcm2835, bcmgenet, brcmfmac) log it constantly on many embedded boards.
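For hosts without a SIEM, the same logic can run over a saved kernel log. The script below is an added example for this page, not kernel project code. It reports KASAN headers that name a bcm_* function and, for production kernels without KASAN, the first bcm_* frame inside an oops or page-fault report. The sample log it carries is constructed for the demonstration: the symbol names (bcm_can_tx, bcm_tx_timeout_handler, bcm_rx_handler) are real functions from net/can/bcm.c, but the addresses, offsets and timestamps are made up, and the script name can-bcm-log-scan.sh is this example's own.

```shell
#!/bin/sh
# Scan a saved kernel log (dmesg > k.log, or journalctl -k > k.log) for crash
# reports that land in the CAN BCM code. Added example, not kernel project code.

# Print one line per hit:
#   kasan <type> <func>  - a KASAN header naming a bcm_* function (debug kernels)
#   oops <func>          - an oops / page-fault / GPF whose first bcm_* frame is <func>
#                          (what a production kernel without KASAN logs instead)
# "bcm_" followed by a letter does not match Broadcom drivers, whose symbols
# use bcm<digits>_ or bcmgenet-style prefixes.
can_bcm_crash_hits() {
    awk '
        function sym(s) { match(s, /bcm_[a-z_]+/); return substr(s, RSTART, RLENGTH) }
        /BUG: KASAN: [a-z-]+ in bcm_[a-z_]+/ {
            t = $0; sub(/.*BUG: KASAN: /, "", t); sub(/ in .*/, "", t)
            print "kasan " t " " sym($0); next
        }
        /BUG: unable to handle|general protection fault|Oops: / { inoops = 1; reported = 0; next }
        /---\[ end trace/ { inoops = 0; next }
        inoops && !reported && /bcm_[a-z_]+\+0x/ { print "oops " sym($0); reported = 1 }
    ' "$1"
}

# Constructed sample: one KASAN report in can_bcm, one Broadcom KASAN report
# (noise that a bare "BCM" match would catch), one plain oops in can_bcm.
sample_kernel_log() {
    cat <<'EOF'
[   12.001] can: controller area network core
[   12.002] can: broadcast manager protocol
[  310.117] ==================================================================
[  310.118] BUG: KASAN: slab-out-of-bounds in bcm_can_tx+0x56c/0x7a0 [can_bcm]
[  310.119] Read of size 16 at addr ffff888103e2b8e8 by task swapper/0/0
[  310.120] Call Trace:
[  310.121]  bcm_tx_timeout_handler+0x9c/0x1b0 [can_bcm]
[  310.122]  __hrtimer_run_queues+0x1c3/0x520
[  310.123] ==================================================================
[  500.001] BUG: KASAN: use-after-free in bcmgenet_xmit+0x1a/0x40
[  800.001] BUG: unable to handle page fault for address: ffff888100000000
[  800.002] Oops: 0000 [#1] PREEMPT SMP
[  800.003] RIP: 0010:bcm_rx_handler+0x1f0/0x4c0 [can_bcm]
[  800.004] Call Trace:
[  800.005]  can_rcv_filter+0x12a/0x300 [can]
[  800.006] ---[ end trace 0000000000000000 ]---
EOF
}

# Usage: can-bcm-log-scan.sh <kernel-log-file>
if [ "${0##*/}" = "can-bcm-log-scan.sh" ]; then
    can_bcm_crash_hits "${1:?usage: can-bcm-log-scan.sh <kernel-log-file>}"
fi
```

On the sample the scan prints exactly two lines, "kasan slab-out-of-bounds bcm_can_tx" and "oops bcm_rx_handler"; the bcmgenet report and the call-trace frames that merely pass through can_bcm are not counted, which is the point of anchoring on the report header and the first faulting frame rather than on any mention of the module.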
