CVE-2025-38666
📋 TL;DR
A race condition in the Linux kernel's Appletalk AARP proxy-probe routine allows a use-after-free vulnerability when an expire timer thread frees memory that is still being accessed. This can lead to kernel memory corruption, crashes, or potential privilege escalation. Systems running vulnerable Linux kernel versions with Appletalk support are affected.
💻 Affected Systems
- Linux kernel
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →⚠️ Risk & Real-World Impact
Worst Case
Kernel panic leading to system crash, or potential privilege escalation to root via kernel memory corruption.
Likely Case
Kernel crash or system instability due to memory corruption.
If Mitigated
Limited impact if Appletalk is disabled or not in use.
🎯 Exploit Status
Exploitation requires triggering the race condition between proxy-probe and expire timer threads.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Patched in kernel commits: 186942d19c0222617ef61f50e1dba91e269a5963, 2a6209e4649d45fd85d4193abc481911858ffc6f, 5f02ea0f63dd38c41539ea290fcc1693c73aa8e5, 6c4a92d07b0850342d3becf2e608f805e972467c, 82d19a70ced28b17a38ebf1b6978c6c7db894979
Vendor Advisory: https://git.kernel.org/stable/c/186942d19c0222617ef61f50e1dba91e269a5963
Restart Required: Yes
Instructions:
1. Update Linux kernel to a patched version from your distribution vendor. 2. Reboot the system to load the new kernel.
🔧 Temporary Workarounds
Disable Appletalk kernel module
linuxPrevent loading of the vulnerable Appletalk module.
echo 'blacklist appletalk' >> /etc/modprobe.d/blacklist.conf
rmmod appletalk
Disable Appletalk at kernel build
linuxBuild kernel without Appletalk support (CONFIG_ATALK=n).
🧯 If You Can't Patch
- Disable Appletalk kernel module if not needed.
- Restrict network access to Appletalk services using firewall rules.
🔍 How to Verify
Check if Vulnerable:
Check if Appletalk module is loaded: lsmod | grep appletalkCheck Version:
uname -rVerify Fix Applied:
Check kernel version against patched versions from your distribution.📡 Detection & Monitoring
Log Indicators:
- Kernel panic logs
- KASAN use-after-free reports in dmesg
Network Indicators:
- Appletalk (DDP/AARP) network traffic on ports 201-202, 204
SIEM Query:
Search for kernel crash logs or Appletalk-related errors in system logs.🔗 References
- https://git.kernel.org/stable/c/186942d19c0222617ef61f50e1dba91e269a5963
- https://git.kernel.org/stable/c/2a6209e4649d45fd85d4193abc481911858ffc6f
- https://git.kernel.org/stable/c/5f02ea0f63dd38c41539ea290fcc1693c73aa8e5
- https://git.kernel.org/stable/c/6c4a92d07b0850342d3becf2e608f805e972467c
- https://git.kernel.org/stable/c/82d19a70ced28b17a38ebf1b6978c6c7db894979
- https://git.kernel.org/stable/c/b35694ffabb2af308a1f725d70f60fd8a47d1f3e
- https://git.kernel.org/stable/c/e4f1564c5b699eb89b3040688fd6b4e57922f1f6
- https://git.kernel.org/stable/c/f90b6bb203f3f38bf2b3d976113d51571df9a482
- https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html
- https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html
