CVE-2025-38024

7.8 HIGH

📋 TL;DR

A use-after-free vulnerability in the Linux kernel's RDMA over Converged Ethernet (RoCE) implementation allows reading freed memory when creating completion queues fails. This affects systems using the rxe driver for RDMA networking, potentially exposing kernel memory contents to local attackers.

💻 Affected Systems

Products:
  • Linux kernel with rxe RDMA driver enabled
Versions: Kernel versions before fixes in stable releases (specific commits listed in references)
Operating Systems: Linux distributions with vulnerable kernel versions
Default Config Vulnerable: ✅ No
Notes: Only vulnerable if RDMA/rxe driver is loaded and users have permissions to create completion queues.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

⚠️ Risk & Real-World Impact

🔴 Worst Case

Kernel memory disclosure leading to information leaks, potential privilege escalation if combined with other vulnerabilities, or system instability/crash.

🟠 Likely Case

Information disclosure of kernel memory contents to local users, potentially revealing sensitive data or memory addresses useful for further exploitation.

🟢 If Mitigated

Limited impact with proper access controls preventing local users from creating RDMA completion queues.

🌐 Internet-Facing: LOW - Requires local access to trigger the vulnerability.
🏢 Internal Only: MEDIUM - Local users or processes with RDMA permissions can trigger the bug.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires local access and ability to trigger RDMA completion queue creation failure scenarios.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Kernel versions with commits: 16c45ced0b3839d3eee72a86bb172bef6cf58980, 336edd6b0f5b7fbffc3e065285610624f59e88df, 3a3b73e135e3bd18423d0baa72571319c7feb759, 52daccfc3fa68ee1902d52124921453d7a335591, 7c7c80c32e00665234e373ab03fe82f5c5c2c230

Vendor Advisory: https://git.kernel.org/stable/c/16c45ced0b3839d3eee72a86bb172bef6cf58980

Restart Required: Yes

Instructions:

1. Update Linux kernel to version containing the fix commits.
2. Reboot system to load patched kernel.
3. Verify rxe driver is using patched code.

🔧 Temporary Workarounds

Disable rxe RDMA driver

linux

Prevent loading of vulnerable rxe driver module

# The rxe driver's kernel module is named rdma_rxe
echo 'blacklist rdma_rxe' >> /etc/modprobe.d/blacklist-rxe.conf
rmmod rdma_rxe

Restrict RDMA permissions

linux

Limit users who can create RDMA completion queues

chmod 600 /dev/infiniband/*
setfacl -m u:root:rw- /dev/infiniband/*

🧯 If You Can't Patch

  • Restrict local user access to systems with RDMA capabilities
  • Implement strict monitoring for RDMA-related system calls and log analysis

🔍 How to Verify

Check if Vulnerable:

Check whether the rxe module is loaded (lsmod | grep rxe) and compare the kernel version against the patched versions.

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version includes fix commits and test RDMA completion queue creation failure scenarios

📡 Detection & Monitoring

Log Indicators:

  • Kernel panic logs
  • KASAN reports of use-after-free in rxe_queue_cleanup
  • Failed RDMA completion queue creation attempts

Network Indicators:

  • Unusual RDMA traffic patterns
  • Multiple failed RDMA connection attempts

SIEM Query:

source="kernel" AND ("rxe_queue_cleanup" OR "use-after-free" OR "KASAN")
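
The query above matches any KASAN report on the host, whatever subsystem produced it. As an added example (not part of the original advisory or of the kernel sources), the script below groups a kernel log into KASAN reports and attributes one to this bug only when a use-after-free header and an rxe_ symbol appear in the same report. The function names kasan_reports and rxe_hits, the demo_* symbols and every log line in sample_log are constructed for illustration.

```shell
#!/bin/sh
# Added example: triage KASAN reports in a kernel log for this rxe bug.
# Every log line in sample_log is constructed; offsets, addresses and the
# demo_* symbols are placeholders.
sample_log() {
cat <<'EOF'
[  101.000001] ==================================================================
[  101.000002] BUG: KASAN: slab-use-after-free in rxe_queue_cleanup+0x10/0x20 [rdma_rxe]
[  101.000003] Read of size 8 at addr ffff888000000000 by task demo/4242
[  101.000004] Call Trace:
[  101.000005]  rxe_queue_cleanup+0x10/0x20 [rdma_rxe]
[  101.000006] ==================================================================
[  202.000001] ==================================================================
[  202.000002] BUG: KASAN: slab-out-of-bounds in demo_other_fn+0x10/0x20
[  202.000003] ==================================================================
[  303.000001] ==================================================================
[  303.000002] BUG: KASAN: slab-use-after-free in demo_third_fn+0x10/0x20
[  303.000003]  demo_third_fn+0x10/0x20
[  303.000004] ==================================================================
EOF
}

# Read a kernel log on stdin; print "<bug type> <function> rxe=<yes|no>" per
# KASAN report. rxe=yes needs a use-after-free header AND an rxe_ symbol in
# the same report, so unrelated KASAN noise is not attributed to this CVE.
kasan_reports() {
  awk '
    function emit() {
      if (inrep) printf "%s %s rxe=%s\n", kind, fn, ((uaf && rxe) ? "yes" : "no")
      inrep = 0; uaf = 0; rxe = 0
    }
    /BUG: KASAN: / {                      # header line opens a new report
      emit(); inrep = 1
      s = $0; sub(/^.*BUG: KASAN: /, "", s)
      split(s, f, " "); kind = f[1]; fn = f[3]; sub(/\+.*/, "", fn)
      uaf = (kind ~ /use-after-free/); rxe = (fn ~ /^rxe_/)
      next
    }
    inrep && /==========/ { emit(); next }      # closing delimiter
    inrep && / rxe_[a-z0-9_]*\+0x/ { rxe = 1 }  # rxe frame in the trace
    END { emit() }                        # report cut off at end of log
  '
}

# Count the reports attributed to the rxe driver.
rxe_hits() { kasan_reports | awk '/rxe=yes$/ { n++ } END { print n + 0 }'; }

sample_log | kasan_reports
```

On a live host, feed it the kernel log on standard input, for example `dmesg | kasan_reports` or `journalctl -k | rxe_hits`.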

🔗 References
