Login Sign Up

CVE-2025-38451

5.5 MEDIUM
Denial of Service

📋 TL;DR

A vulnerability in the Linux kernel's md/md-bitmap component causes a General Protection Fault (GPF) when accessing statistics for external bitmaps. This allows local attackers to crash the kernel, leading to denial of service. Systems using Linux kernel with MD (Multiple Device) RAID and external bitmaps are affected.

💻 Affected Systems

Products:
  • Linux kernel
Versions: Specific affected versions not specified in CVE, but includes kernels with the vulnerable commit 6ec1f0239485 and related fixes.
Operating Systems: Linux distributions using affected kernel versions
Default Config Vulnerable: ✅ No
Notes: Only affects systems using MD RAID with external bitmaps configured. Internal bitmaps or systems without MD RAID are not vulnerable.

📦 What is this software?

Debian Linux by Debian

View all CVEs affecting Debian Linux →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Kernel panic leading to system crash and denial of service, potentially causing data corruption or loss in RAID arrays.

🟠

Likely Case

Local denial of service through kernel crash when accessing bitmap statistics via /proc or similar interfaces.

🟢

If Mitigated

Minimal impact if systems are patched or don't use external MD bitmaps.

🌐 Internet-Facing: LOW - Requires local access to trigger the vulnerability.
🏢 Internal Only: MEDIUM - Local users or processes can cause system crashes affecting availability.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW - Simple local trigger via reading bitmap statistics.

Exploitation requires local access to trigger the GPF through /proc or similar kernel interfaces.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Kernel versions with fixes: 3d82a729530bd2110ba66e4a1f73461c776edec2, 3e0542701b37aa25b025d8531583458e4f014c2e, a18f9b08c70e10ea3a897058fee8a4f3b4c146ec, a23b16ba3274961494f5ad236345d238364349ff, c17fb542dbd1db745c9feac15617056506dd7195

Vendor Advisory: https://git.kernel.org/stable/c/3d82a729530bd2110ba66e4a1f73461c776edec2

Restart Required: Yes

Instructions:

1. Update Linux kernel to patched version from your distribution. 2. Reboot system to load new kernel. 3. Verify kernel version matches patched release.

🔧 Temporary Workarounds

Disable external bitmaps

linux

Configure MD RAID to use internal bitmaps instead of external bitmaps to avoid triggering the vulnerability.

mdadm --grow --bitmap=internal /dev/mdX

Restrict access to /proc/mdstat

linux

Limit access to MD statistics interface to prevent triggering the vulnerability.

chmod 600 /proc/mdstat
setfacl -m u:root:r-- /proc/mdstat

🧯 If You Can't Patch

  • Restrict local user access to systems using MD RAID with external bitmaps.
  • Monitor for kernel panic logs and investigate any system crashes related to MD operations.

🔍 How to Verify

Check if Vulnerable:

Check if system uses MD RAID with external bitmaps: cat /proc/mdstat and check for 'external' bitmap type.

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version includes one of the fix commits: uname -r and check with distribution's security advisories.

📡 Detection & Monitoring

Log Indicators:

  • Kernel panic messages mentioning 'bitmap_get_stats'
  • General Protection Fault (GPF) errors in kernel logs
  • System crashes when accessing /proc/mdstat

Network Indicators:

  • None - local vulnerability only

SIEM Query:

event_source:kernel AND (message:"bitmap_get_stats" OR message:"GPF" OR message:"Oops")

📊 Metadata

CVE ID: CVE-2025-38451
CVSS v3 Score: 5.5 (MEDIUM)
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS Score: 0.02% exploit probability (4.4th percentile)
Published: July 25, 2025
Last Updated: December 22, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON