CVE-2025-38245

7.8 HIGH

Denial of Service

📋 TL;DR

A race condition vulnerability in the Linux kernel's ATM subsystem allows concurrent device registration and deregistration to cause a kernel warning. This affects systems using ATM networking with the atmtcp driver. The vulnerability can lead to system instability or denial of service.

💻 Affected Systems

Products:

Linux kernel

Versions: Kernel versions before the fix commits (specific versions vary by distribution)

Operating Systems: Linux distributions with ATM subsystem enabled

Default Config Vulnerable: ✅ No

Notes: Only vulnerable if ATM subsystem is compiled/enabled and atmtcp driver is used. Most modern systems don't use ATM networking by default.

📦 What is this software?

Debian Linux by Debian

View all CVEs affecting Debian Linux →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Kernel panic or system crash due to double registration of procfs entries, causing denial of service.

🟠

Likely Case

Kernel warning messages in system logs and potential system instability during ATM device operations.

🟢

If Mitigated

Minor performance impact from proper mutex handling with no security compromise.

🌐 Internet-Facing: LOW - ATM networking is rarely exposed to the internet and requires local access.

🏢 Internal Only: MEDIUM - Systems using ATM networking internally could experience service disruption.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: NO

Unauthenticated Exploit: ✅ No

Complexity: HIGH

Requires local access and ability to create/remove ATM devices. Race condition timing makes exploitation difficult.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Kernel versions with commits: 26248d5d68c865b888d632162abbf8130645622c, 2a8dcee649d12f69713f2589171a1caf6d4fa439, 4bb1bb438134d9ee6b97cc07289dd7c569092eec, 6922f1a048c090f10704bbef4a3a1e81932d2e0a, a433791aeaea6e84df709e0b9584b9bbe040cd1c

Vendor Advisory: https://git.kernel.org/stable/c/26248d5d68c865b888d632162abbf8130645622c

Restart Required: Yes

Instructions:

1. Update Linux kernel to patched version from your distribution. 2. Reboot system to load new kernel. 3. Verify ATM subsystem is not needed or disable if unused.

🔧 Temporary Workarounds

Disable ATM subsystem

linux

Remove ATM kernel module if not required for system functionality

sudo rmmod atm
sudo modprobe -r atm

Blacklist atmtcp driver

linux

Prevent loading of vulnerable atmtcp driver

echo 'blacklist atmtcp' | sudo tee /etc/modprobe.d/blacklist-atmtcp.conf

🧯 If You Can't Patch

Disable ATM networking functionality entirely
Implement strict access controls to prevent unauthorized users from creating ATM devices

🔍 How to Verify

Check if Vulnerable:

Check if ATM subsystem is loaded: lsmod | grep atm. Check kernel version against patched versions.

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version includes fix commits. Test ATM device creation/removal operations.

📡 Detection & Monitoring

Log Indicators:

Kernel warning messages containing 'proc_dir_entry already registered' or 'atm/atmtcp'

Network Indicators:

Unusual ATM device creation patterns

SIEM Query:

source="kernel" AND "proc_dir_entry" AND "already registered"

📊 Metadata

CVE ID: CVE-2025-38245

CVSS v3 Score: 7.8 (HIGH)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS Score: 0.01% exploit probability (2.3th percentile)

Published: July 9, 2025

Last Updated: December 18, 2025

🔗 References

https://git.kernel.org/stable/c/26248d5d68c865b888d632162abbf8130645622c Patch
https://git.kernel.org/stable/c/2a8dcee649d12f69713f2589171a1caf6d4fa439 Patch
https://git.kernel.org/stable/c/4bb1bb438134d9ee6b97cc07289dd7c569092eec Patch
https://git.kernel.org/stable/c/6922f1a048c090f10704bbef4a3a1e81932d2e0a Patch
https://git.kernel.org/stable/c/a433791aeaea6e84df709e0b9584b9bbe040cd1c Patch
https://git.kernel.org/stable/c/ae539d963a17443ec54cba8a767e4ffa318264f4 Patch
https://git.kernel.org/stable/c/b2e40fcfe1575faaa548f87614006d3fe44c779e Patch
https://git.kernel.org/stable/c/cabed6ba92a9a8c09da02a3f20e32ecd80989896 Patch
https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html Third Party Advisory,Mailing List
https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html Third Party Advisory,Mailing List