CVE-2025-38524
📋 TL;DR
This is a race condition vulnerability in the Linux kernel's rxrpc subsystem that can cause a kernel panic (system crash) when multiple threads attempt to receive data from the same network call simultaneously. It affects Linux systems using the rxrpc protocol implementation. The vulnerability requires local access to trigger.
💻 Affected Systems
- Linux kernel
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →⚠️ Risk & Real-World Impact
Worst Case
Kernel panic leading to system crash and denial of service, potentially causing data loss or service disruption.
Likely Case
System crash requiring reboot, causing temporary service interruption on affected systems.
If Mitigated
No impact if patched; unpatched systems remain vulnerable to local denial of service attacks.
🎯 Exploit Status
Requires local access and specific timing conditions to trigger the race condition. Not trivial to exploit reliably.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Patches available in stable kernel branches via provided git commits
Vendor Advisory: https://git.kernel.org/stable/c/6c75a97a32a5fa2060c3dd30207e63b6914b606d
Restart Required: Yes
Instructions:
1. Update Linux kernel to patched version from your distribution's repositories. 2. Reboot system to load new kernel. 3. Verify kernel version after reboot.
🔧 Temporary Workarounds
Disable rxrpc module
LinuxPrevent loading of the vulnerable rxrpc kernel module if not needed
echo 'install rxrpc /bin/true' >> /etc/modprobe.d/disable-rxrpc.conf
rmmod rxrpc 2>/dev/null || true
🧯 If You Can't Patch
- Restrict local user access to systems using rxrpc
- Monitor system logs for kernel panic events related to rxrpc
🔍 How to Verify
Check if Vulnerable:
Check if rxrpc module is loaded: lsmod | grep rxrpc. If loaded and kernel version is unpatched, system is vulnerable.Check Version:
uname -rVerify Fix Applied:
Verify kernel version matches patched version from your distribution and rxrpc module functions normally without crashes.📡 Detection & Monitoring
Log Indicators:
- Kernel panic messages containing 'rxrpc' or 'recvmsg.c:474'
- System crash/reboot events
Network Indicators:
- Unusual rxrpc traffic patterns from local processes
SIEM Query:
source="kernel" AND ("rxrpc" OR "recvmsg.c:474" OR "kernel BUG")