CVE-2025-38067
📋 TL;DR
A Linux kernel vulnerability in the rseq (restartable sequences) subsystem allows local attackers to cause a segmentation fault (crash) when registering rseq with a non-zero rseq_cs field. This affects systems running vulnerable Linux kernel versions with rseq enabled, primarily impacting multi-threaded applications using older glibc versions.
💻 Affected Systems
- Linux kernel
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
⚠️ Risk & Real-World Impact
Worst Case
Local denial of service causing kernel panic or system crash, potentially disrupting critical services.
Likely Case
Application crash or segmentation fault in multi-threaded programs using rseq with older glibc, leading to service disruption.
If Mitigated
Minimal impact with proper kernel patching; applications continue functioning normally.
🎯 Exploit Status
Exploitation requires local access and the ability to trigger rseq registration; no evidence of weaponization in the wild.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Kernel versions containing commits: 2df285dab00fa03a3ef939b6cb0d0d0aeb0791db, 3e4028ef31b69286c9d4878cee0330235f53f218, 48900d839a3454050fd5822e34be8d54c4ec9b86, b2b05d0dc2f4f0646922068af435aed5763d16ba, eaf112069a904b6207b4106ff083e0208232a2eb
Vendor Advisory: https://git.kernel.org/stable/c/2df285dab00fa03a3ef939b6cb0d0d0aeb0791db
Restart Required: Yes
Instructions:
1. Update Linux kernel to patched version from your distribution vendor.
2. Reboot system to load new kernel.
3. Verify kernel version post-reboot.
🔧 Temporary Workarounds
Disable rseq via kernel boot parameter
Prevents the rseq subsystem from being used, mitigating the vulnerability.
Add 'nordseq' to kernel boot parameters in GRUB configuration
🧯 If You Can't Patch
- Restrict local user access to minimize attack surface.
- Monitor systems for segmentation faults in applications using rseq.
🔍 How to Verify
Check if Vulnerable:
Check the kernel version and whether rseq is enabled; the system is vulnerable if it runs an unpatched kernel with rseq support.
Check Version:
uname -r
Verify Fix Applied:
Verify kernel version includes the fix commits; test rseq registration functionality.
📡 Detection & Monitoring
Log Indicators:
- Segmentation fault logs in application/system logs related to rseq operations
- Kernel panic logs
Network Indicators:
- None - local vulnerability only
SIEM Query:
Search for 'segmentation fault' or 'sigsegv' in logs with process names using rseq.
🔗 References
- https://git.kernel.org/stable/c/2df285dab00fa03a3ef939b6cb0d0d0aeb0791db
- https://git.kernel.org/stable/c/3e4028ef31b69286c9d4878cee0330235f53f218
- https://git.kernel.org/stable/c/48900d839a3454050fd5822e34be8d54c4ec9b86
- https://git.kernel.org/stable/c/b2b05d0dc2f4f0646922068af435aed5763d16ba
- https://git.kernel.org/stable/c/eaf112069a904b6207b4106ff083e0208232a2eb
- https://git.kernel.org/stable/c/f004f58d18a2d3dc761cf973ad27b4a5997bd876
- https://git.kernel.org/stable/c/fd881d0a085fc54354414aed990ccf05f282ba53
- https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html
- https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html