CVE-2025-38514
📋 TL;DR
A bug in the Linux kernel's AF_RXRPC subsystem causes a kernel oops (crash) when an incoming call arrives on a service socket that has been opened and bound but for which no calls were preallocated: the backlog structure used to accept incoming calls is not allocated until the first preallocation is made, and the kernel uses it anyway. This affects Linux systems that use the AF_RXRPC protocol (for example as the transport of the kafs AFS client) on kernel versions that contain the unfixed code. The impact is denial of service, not privilege escalation.
💻 Affected Systems
- Linux kernel
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
⚠️ Risk & Real-World Impact
Worst Case
Kernel panic leading to system crash and denial of service, requiring physical or remote console access to reboot.
Likely Case
Kernel oops causing service disruption for AF_RXRPC services, potentially affecting network connectivity for dependent applications.
If Mitigated
Minor service interruption that self-recovers or requires service restart.
🎯 Exploit Status
Requires an AF_RXRPC service socket that has been opened and bound without preallocating calls, and a peer able to deliver an incoming RxRPC call to that bound port. The vulnerable state on the receiving side arises from ordinary, legitimate API usage, not from misuse of the socket.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Kernel versions with commits 0eef29385d715d4c7fd707b18d4a9b76c76dd5e6, 2c2e9ebeb036f9b1b09325ec5cfdfe0e78f357c3, 880a88f318cf1d2a0f4c0a7ff7b07e2062b434a4, bf0ca6a1bc4fb904b598137c6718785a107e3adf, or d1ff5f9d2c5405681457262e23c720b08977c11f
Vendor Advisory: https://git.kernel.org/stable/c/0eef29385d715d4c7fd707b18d4a9b76c76dd5e6
Restart Required: Yes
Instructions:
1. Update the Linux kernel to the patched package from your distribution vendor.
2. Reboot the system to load the new kernel.
3. Verify that the running kernel is the patched release. Distribution kernels usually backport the fix without changing the upstream version string, so compare against the vendor advisory or package changelog rather than the upstream commit list alone.
🔧 Temporary Workarounds
Disable AF_RXRPC module
Linux: Prevent the rxrpc kernel module from loading if AF_RXRPC is not required. The install stanza also stops the module from being auto-loaded when a program opens an AF_RXRPC socket. This only works when rxrpc is built as a module (CONFIG_AF_RXRPC=m); a kernel with it compiled in (CONFIG_AF_RXRPC=y) cannot be disabled this way. rmmod fails while the module is in use, for example by an open AF_RXRPC socket or by the kafs (AFS) client, which depends on rxrpc; disabling rxrpc therefore also disables kafs.
echo 'install rxrpc /bin/true' >> /etc/modprobe.d/disable-rxrpc.conf
rmmod rxrpc
🧯 If You Can't Patch
- Disable AF_RXRPC functionality if not required for system operation
- Implement network segmentation to limit access to AF_RXRPC services: RxRPC runs over UDP, so restrict inbound traffic to the bound service port to trusted peers
🔍 How to Verify
Check if Vulnerable:
Check if AF_RXRPC is loaded as a module (a kernel with CONFIG_AF_RXRPC=y has it compiled in and it will not appear here, so also check the kernel configuration) and whether the kernel version is in the range your distribution lists as vulnerable: lsmod | grep rxrpc
Check Version:
uname -r
Verify Fix Applied:
Verify that the kernel includes one of the fix commits: run uname -r, then check the version against your distribution's advisory or kernel package changelog; a backported fix does not change the upstream version string, so the version number alone is not proof.
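The following shell script is an added example, not part of this advisory, that turns the checks above into reusable functions: one that reports whether rxrpc is present as a loadable module, compiled in, or absent (because a built-in rxrpc never shows up in lsmod), and one that looks for the upstream fix commits in a distribution kernel changelog. It assumes a /proc/modules-style file and a kernel .config-style file as inputs (on a real host: /proc/modules and /boot/config-$(uname -r)) and a plain-text changelog that quotes fixes by abbreviated commit hash; the sample files below are constructed for the demonstration.

```shell
#!/bin/sh
# Added example, not part of the advisory: checks for the vulnerable code path.
# rxrpc can be a loadable module OR compiled in (CONFIG_AF_RXRPC=y), so an
# empty `lsmod | grep rxrpc` does not prove the host is unaffected.

# Print "module", "builtin" or "absent".
#   $1: /proc/modules-style file   $2: kernel .config-style file
rxrpc_presence() {
    if grep -q '^rxrpc ' "$1" 2>/dev/null; then
        echo module
    elif grep -q '^CONFIG_AF_RXRPC=y$' "$2" 2>/dev/null; then
        echo builtin
    else
        echo absent
    fi
}

# Return 0 if the changelog quotes any of the given upstream commit ids
# (matched on the 12-character abbreviation distributions usually print).
#   $1: changelog file   $2..: full or abbreviated commit ids
changelog_has_fix() {
    log=$1; shift
    for c in "$@"; do
        short=$(printf '%s' "$c" | cut -c1-12)
        grep -q "$short" "$log" && return 0
    done
    return 1
}

# Upstream fix commits listed in the advisory.
FIX_COMMITS="0eef29385d715d4c7fd707b18d4a9b76c76dd5e6 \
2c2e9ebeb036f9b1b09325ec5cfdfe0e78f357c3 \
880a88f318cf1d2a0f4c0a7ff7b07e2062b434a4 \
bf0ca6a1bc4fb904b598137c6718785a107e3adf \
d1ff5f9d2c5405681457262e23c720b08977c11f"

# --- constructed sample inputs standing in for /proc/modules, the kernel
# --- config and a distribution changelog (not captured from a real host) ---
SAMPLE_DIR=$(mktemp -d)
SAMPLE_MODULES=$SAMPLE_DIR/modules
SAMPLE_CONFIG_MOD=$SAMPLE_DIR/config-mod
SAMPLE_CONFIG_BUILTIN=$SAMPLE_DIR/config-builtin
SAMPLE_CHANGELOG_FIXED=$SAMPLE_DIR/changelog-fixed
SAMPLE_CHANGELOG_OLD=$SAMPLE_DIR/changelog-old

printf 'kafs 212992 0 - Live 0x0000000000000000\n' > "$SAMPLE_MODULES"
printf 'rxrpc 163840 1 kafs, Live 0x0000000000000000\n' >> "$SAMPLE_MODULES"
printf 'CONFIG_AF_RXRPC=m\n' > "$SAMPLE_CONFIG_MOD"
printf 'CONFIG_AF_RXRPC=y\n' > "$SAMPLE_CONFIG_BUILTIN"
printf '  * rxrpc: fix oops when no calls are preallocated (upstream 0eef29385d71)\n' \
    > "$SAMPLE_CHANGELOG_FIXED"
printf '  * rxrpc: unrelated change\n' > "$SAMPLE_CHANGELOG_OLD"

echo "rxrpc presence: $(rxrpc_presence "$SAMPLE_MODULES" "$SAMPLE_CONFIG_MOD")"
if changelog_has_fix "$SAMPLE_CHANGELOG_FIXED" $FIX_COMMITS; then
    echo "changelog quotes a fix commit"
else
    echo "no fix commit found in changelog"
fi

# On a live host, point the functions at the real files, e.g.
#   rxrpc_presence /proc/modules "/boot/config-$(uname -r)"
#   changelog_has_fix <your distribution's kernel package changelog, uncompressed> $FIX_COMMITS
```

A result of "absent" means the protocol family cannot be reached at all on that host; "module" means the modprobe workaround above applies; "builtin" means only the kernel update removes the exposure.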
📡 Detection & Monitoring
Log Indicators:
- Kernel oops messages in /var/log/kern.log or dmesg output
- AF_RXRPC service failures
Network Indicators:
- Unexpected AF_RXRPC connection failures
SIEM Query:
source="kern.log" AND "Oops" AND "rxrpc"
Note: an oops report spans many log lines and the "Oops:" header line itself seldom contains "rxrpc"; the module name appears in the RIP and Call Trace lines that follow. The query above only works if the collector stitches the whole report into one event. With single-line events, search for the header and then inspect the following lines of the same host.
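The following script is an added example, not part of this advisory, that runs the detection logic over a kern.log-style file and matches across the whole multi-line oops report instead of per line; for contrast it also shows the per-line equivalent of the SIEM query, which misses the report because "Oops" and "rxrpc" sit on different lines. The sample log is constructed; its symbol names and offsets are illustrative, not a captured trace.

```shell
#!/bin/sh
# Added example, not part of the advisory: find kernel oops reports whose
# trace mentions rxrpc in a kern.log-style file. An oops spans many lines and
# the "Oops:" header rarely names the module, so the match is made across
# the report, not on a single line.

# Print the number of oops reports that mention rxrpc anywhere in the report.
#   $1: log file
rxrpc_oops_count() {
    awk '
        # start of a report: the BUG: line (NULL dereference) or the Oops: header
        /(BUG: kernel NULL pointer dereference|Oops: )/ {
            if (!inreport) { inreport = 1; hit = 0; lines = 0 }
        }
        inreport {
            lines++
            if (!hit && /rxrpc/) { hit = 1; n++ }
            # a report ends at the trace trailer; cap the window as a safety net
            if (/---\[ end trace/ || lines > 80) inreport = 0
        }
        END { print n + 0 }
    ' "$1"
}

# Per-line equivalent of the SIEM query ("Oops" AND "rxrpc" on one line),
# shown for contrast: it misses reports where the strings are on different lines.
#   $1: log file
rxrpc_single_line_hits() {
    grep -c 'Oops.*rxrpc' "$1" || true
}

# --- constructed sample log (syslog-style kern.log lines; symbol names and
# --- offsets are illustrative, not a real captured trace) ---
SAMPLE_LOG=$(mktemp)
cat > "$SAMPLE_LOG" <<'EOF'
Jul 10 12:00:01 afs1 kernel: BUG: kernel NULL pointer dereference, address: 0000000000000008
Jul 10 12:00:01 afs1 kernel: Oops: 0000 [#1] SMP PTI
Jul 10 12:00:01 afs1 kernel: CPU: 2 PID: 0 Comm: swapper/2 Not tainted 6.x.y #1
Jul 10 12:00:01 afs1 kernel: RIP: 0010:rxrpc_alloc_incoming_call+0x3c/0x2a0 [rxrpc]
Jul 10 12:00:01 afs1 kernel: Call Trace:
Jul 10 12:00:01 afs1 kernel:  rxrpc_new_incoming_call+0x1e2/0x560 [rxrpc]
Jul 10 12:00:01 afs1 kernel:  rxrpc_input_packet+0x4b1/0x9a0 [rxrpc]
Jul 10 12:00:01 afs1 kernel: ---[ end trace 0000000000000000 ]---
Jul 10 12:05:42 afs1 kernel: Oops: 0000 [#2] SMP PTI
Jul 10 12:05:42 afs1 kernel: RIP: 0010:ext4_find_entry+0x10/0x2f0
Jul 10 12:05:42 afs1 kernel: ---[ end trace 0000000000000000 ]---
Jul 10 12:10:00 afs1 kernel: rxrpc: illustrative non-oops message line
EOF

echo "rxrpc oops reports:  $(rxrpc_oops_count "$SAMPLE_LOG")"
echo "single-line matches: $(rxrpc_single_line_hits "$SAMPLE_LOG")"

# On a live host: rxrpc_oops_count /var/log/kern.log, or save `journalctl -k`
# output to a file and pass that.
```

Only the first report counts: it mentions rxrpc in its RIP and Call Trace lines. The second oops is in another subsystem and the stray rxrpc line outside any report is ignored, while the per-line query finds nothing at all.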
🔗 References
- https://git.kernel.org/stable/c/0eef29385d715d4c7fd707b18d4a9b76c76dd5e6
- https://git.kernel.org/stable/c/2c2e9ebeb036f9b1b09325ec5cfdfe0e78f357c3
- https://git.kernel.org/stable/c/880a88f318cf1d2a0f4c0a7ff7b07e2062b434a4
- https://git.kernel.org/stable/c/bf0ca6a1bc4fb904b598137c6718785a107e3adf
- https://git.kernel.org/stable/c/d1ff5f9d2c5405681457262e23c720b08977c11f
- https://git.kernel.org/stable/c/efc1b2b7c1a308b60df8f36bc2d7ce16d3999364
- https://git.kernel.org/stable/c/f5e72b7824d08c206ce106d30cb37c4642900ccc
- https://git.kernel.org/stable/c/f7afb3ff01c42c49e8a143cdce400b95844bb506
- https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html
- https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html