CVE-2025-38320

7.1 HIGH

📋 TL;DR

This CVE describes a stack-out-of-bounds read in the Linux kernel's arm64 ptrace code. The flaw is in the regs_get_kernel_stack_nth() function, where KASAN incorrectly reports a stack boundary violation when the function reads a value from the kernel stack. It affects Linux systems running on the ARM64 architecture with kernel debugging/probing features enabled.

💻 Affected Systems

Products:
  • Linux Kernel
Versions: Linux kernel versions prior to fixes (specific versions in commit references)
Operating Systems: Linux distributions running on ARM64 architecture
Default Config Vulnerable: ✅ No
Notes: Only affects systems with kernel debugging/probing features enabled (kprobes, tracing). ARM64 architecture specific.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

⚠️ Risk & Real-World Impact

🔴

Worst Case

Kernel memory disclosure leading to information leakage, potential privilege escalation if combined with other vulnerabilities, or kernel panic causing denial of service.

🟠

Likely Case

Information disclosure of kernel stack memory, potentially exposing sensitive data or kernel pointers that could aid further exploitation.

🟢

If Mitigated

Minimal impact with proper kernel hardening and KASAN configurations, primarily affecting debugging/probing functionality.

🌐 Internet-Facing: LOW - Requires local access and specific kernel debugging capabilities to trigger.
🏢 Internal Only: MEDIUM - Local attackers with debugging privileges could exploit this to leak kernel memory information.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: NO
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires local access and the ability to trigger kernel debugging functions. A similar issue was previously fixed on the s390 architecture.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Linux kernel with commits: 01f91d415a8375d85e0c7d3615cd4a168308bb7c, 21da6d3561f373898349ca7167c9811c020da695, 22f935bc86bdfbde04009f05eee191d220cd8c89, 39dfc971e42d886e7df01371cd1bef505076d84c, 422e565b7889ebfd9c8705a3fc786642afe61fca

Vendor Advisory: https://git.kernel.org/stable/c/01f91d415a8375d85e0c7d3615cd4a168308bb7c

Restart Required: Yes

Instructions:

1. Update the Linux kernel to a version containing the fix commits.
2. For distributions: use the package manager (apt/yum/dnf) to update the kernel package.
3. Reboot the system to load the new kernel.

🔧 Temporary Workarounds

Disable kernel debugging features

Disable kprobes and kernel tracing functionality to prevent triggering the vulnerable code path, and keep kernel pointers hidden from unprivileged readers (kptr_restrict=2; a value of 0 disables that restriction):

echo 0 > /sys/kernel/debug/tracing/events/kprobes/enable
echo 2 > /proc/sys/kernel/kptr_restrict

🧯 If You Can't Patch

  • Restrict access to debugging/probing capabilities to trusted users only
  • Implement strict privilege separation and limit local user access

🔍 How to Verify

Check if Vulnerable:

Check the kernel version and whether the machine is ARM64 (uname -m reports aarch64 on ARM64; /proc/cpuinfo does not contain the string "arm64"). Whether debugging/probing features are enabled is a separate kernel-config check (CONFIG_KPROBES, tracing options): uname -r && uname -m

Check Version:

uname -r

Verify Fix Applied:

Verify that the running kernel carries the fix commits. /proc/version reports the release string, compiler and build date but not commit ids, so grepping for commit hashes there will not match even on a fixed kernel; instead compare uname -r against the stable release that contains the fix (linked from the vendor advisory), or check the distribution's kernel package changelog for CVE-2025-38320.
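The scoping checks above folded into one POSIX shell script, as an added example that is not part of this advisory: a host counts as in scope only when its machine type is aarch64 and its kernel config has CONFIG_KPROBES=y, which is the combination the advisory names. The function names, the /boot/config-$(uname -r) and /proc/config.gz locations it tries, and the three result labels are this example's own assumptions; comparing the release against the fixed version is left to the reader because the advisory does not list fixed version numbers.

```shell
#!/bin/sh
# Added example (not from the advisory): classify a host's exposure to
# CVE-2025-38320 from its machine type and kernel config.

# exposure_class ARCH CONFIG_FILE
# Prints one of (labels chosen for this example):
#   not-arm64        - machine type is not aarch64
#   arm64-no-probes  - arm64, but CONFIG_KPROBES is not built in
#   arm64-probes     - arm64 with kprobes enabled: the vulnerable code path is
#                      reachable on an unpatched kernel
exposure_class() {
    arch="$1"
    cfg="$2"
    if [ "$arch" != "aarch64" ]; then
        echo "not-arm64"
        return 0
    fi
    if [ -r "$cfg" ] && grep -q '^CONFIG_KPROBES=y' "$cfg"; then
        echo "arm64-probes"
    else
        echo "arm64-no-probes"
    fi
}

# check_live_host: run the classification on the current machine.
# Assumes the distro installs the config as /boot/config-<release>; falls
# back to /proc/config.gz when the kernel was built with CONFIG_IKCONFIG_PROC.
check_live_host() {
    cfg="/boot/config-$(uname -r)"
    if [ ! -r "$cfg" ] && [ -r /proc/config.gz ]; then
        cfg=$(mktemp)
        zcat /proc/config.gz > "$cfg"
    fi
    exposure_class "$(uname -m)" "$cfg"
}

# Usage: sh check.sh --live
if [ "${1:-}" = "--live" ]; then
    check_live_host
fi
```

A result of arm64-probes on a kernel older than the fixed release is the case the advisory's workarounds apply to; the other two labels mean the vulnerable path is not reachable on that host regardless of patch level.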

📡 Detection & Monitoring

Log Indicators:

  • KASAN stack-out-of-bounds warnings in kernel logs
  • regs_get_kernel_stack_nth errors in dmesg

Network Indicators:

  • None - local vulnerability only

SIEM Query:

source="kernel" AND "KASAN: stack-out-of-bounds" AND "regs_get_kernel_stack_nth"
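The log indicators and SIEM query above, turned into a small parser as an added example that is not part of this advisory: it finds every KASAN "BUG:" header in a kernel log, attaches the "Read of size … by task …" line that follows it, and filters to the one indicator that matters here, a stack-out-of-bounds report whose faulting function is regs_get_kernel_stack_nth. The sample log lines are constructed to mimic the KASAN report layout (the caller names, addresses and timestamps are made up); the function names are this example's own.

```python
import re
import sys

# Added example (not from the advisory). SAMPLE_DMESG is constructed: it
# imitates the layout of a KASAN report and is not captured from a real host.
SAMPLE_DMESG = """\
[  101.203118] BUG: KASAN: stack-out-of-bounds in regs_get_kernel_stack_nth+0xa8/0xc8
[  101.203221] Read of size 8 at addr ffff800080c3fe10 by task ftracetest/1542
[  101.203300] CPU: 1 PID: 1542 Comm: ftracetest Not tainted 6.x.y #1
[  101.203401] Hardware name: constructed-board (DT)
[  101.203500] Call trace:
[  101.203550]  regs_get_kernel_stack_nth+0xa8/0xc8
[  101.203600]  sample_caller+0x3c/0x80
[  250.000001] BUG: KASAN: slab-out-of-bounds in sample_other_fn+0x10/0x40
[  300.000001] usb 1-1: new high-speed USB device number 4 using xhci-hcd
"""

# Header line of any KASAN report: "BUG: KASAN: <kind> in <func>+0x<off>/0x<len>"
KASAN_RE = re.compile(
    r"BUG: KASAN: (?P<kind>[a-z-]+) in (?P<func>[A-Za-z0-9_.]+)\+0x[0-9a-f]+/0x[0-9a-f]+"
)
# Access line that follows the header: "Read of size N at addr X by task NAME/PID"
READ_RE = re.compile(
    r"Read of size (?P<size>\d+) at addr (?P<addr>[0-9a-f]+) by task (?P<task>\S+)/(?P<pid>\d+)"
)

# The specific indicator this advisory lists.
TARGET_KIND = "stack-out-of-bounds"
TARGET_FUNC = "regs_get_kernel_stack_nth"


def find_kasan_reports(log: str) -> list[dict]:
    """Return one dict per KASAN header line, with the task/pid/size from the
    access line that follows it when present (None otherwise)."""
    hits: list[dict] = []
    current = None
    for lineno, line in enumerate(log.splitlines(), 1):
        m = KASAN_RE.search(line)
        if m:
            current = {
                "line": lineno,
                "kind": m.group("kind"),
                "func": m.group("func"),
                "task": None,
                "pid": None,
                "size": None,
            }
            hits.append(current)
            continue
        r = READ_RE.search(line)
        if r and current is not None and current["task"] is None:
            current["task"] = r.group("task")
            current["pid"] = int(r.group("pid"))
            current["size"] = int(r.group("size"))
    return hits


def cve_2025_38320_indicators(log: str) -> list[dict]:
    """Keep only the reports matching the advisory's indicator: a stack OOB
    whose faulting function is regs_get_kernel_stack_nth."""
    return [
        h for h in find_kasan_reports(log)
        if h["kind"] == TARGET_KIND and h["func"] == TARGET_FUNC
    ]


if __name__ == "__main__":
    # Usage: dmesg | python3 kasan_indicators.py   (falls back to the sample)
    text = sys.stdin.read() if not sys.stdin.isatty() else SAMPLE_DMESG
    for hit in cve_2025_38320_indicators(text):
        print(f"line {hit['line']}: {hit['kind']} in {hit['func']} "
              f"(task {hit['task']}/{hit['pid']}, read size {hit['size']})")
```

Matching on the header line rather than on the bare substrings keeps the other KASAN report in the sample (a slab-out-of-bounds in an unrelated function) out of the result, which is the same distinction the SIEM query draws by requiring both strings.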
