CVE-2025-38670
📋 TL;DR
This Linux kernel vulnerability allows interrupt handlers to corrupt stack pointers during context switching, potentially leading to kernel panics and system crashes. It affects ARM64 systems running vulnerable Linux kernel versions, particularly those with CONFIG_ARM64_PSEUDO_NMI enabled where exploitation becomes more likely.
💻 Affected Systems
- Linux kernel
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →⚠️ Risk & Real-World Impact
Worst Case
Kernel panic leading to system crash, denial of service, and potential data corruption or loss.
Likely Case
System instability, occasional kernel panics under specific interrupt-heavy workloads, particularly with pseudo-NMI enabled.
If Mitigated
Minimal impact with proper patching; systems without pseudo-NMI configuration are unlikely to experience issues.
🎯 Exploit Status
Exploitation requires precise timing and ability to trigger interrupts during specific kernel operations. More feasible with pseudo-NMI enabled.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Kernel versions containing commits: 0f67015d72627bad72da3c2084352e0aa134416b, 407047893a64399f2d2390ff35cc6061107d805d, 708fd522b86d2a9544c34ec6a86fa3fc23336525, 9433a5f437b0948d6a2d8a02ad7a42ab7ca27a61, a6b0cb523eaa01efe8a3f76ced493ba60674c6e6
Vendor Advisory: https://git.kernel.org/stable/c/0f67015d72627bad72da3c2084352e0aa134416b
Restart Required: Yes
Instructions:
1. Update Linux kernel to version containing the fix commits
2. Reboot system to load new kernel
3. Verify kernel version after reboot
🔧 Temporary Workarounds
Disable CONFIG_ARM64_PSEUDO_NMI
linuxDisabling pseudo-NMI reduces likelihood of exploitation by preventing interrupts during vulnerable operations
# Rebuild kernel with CONFIG_ARM64_PSEUDO_NMI=n
🧯 If You Can't Patch
- Monitor system logs for kernel panic indicators and unexpected crashes
- Limit system workload and interrupt-heavy operations on vulnerable systems
🔍 How to Verify
Check if Vulnerable:
Check if kernel version is before the fix commits: git log --oneline | grep -E '0f67015d72627bad72da3c2084352e0aa134416b|407047893a64399f2d2390ff35cc6061107d805d|708fd522b86d2a9544c34ec6a86fa3fc23336525|9433a5f437b0948d6a2d8a02ad7a42ab7ca27a61|a6b0cb523eaa01efe8a3f76ced493ba60674c6e6'Check Version:
uname -rVerify Fix Applied:
Verify kernel contains fix commits: uname -r and check kernel changelog for the specific commit hashes📡 Detection & Monitoring
Log Indicators:
- Kernel panic messages in /var/log/kern.log or dmesg
- Unexpected system crashes or reboots
- Stack corruption error messages
Network Indicators:
- None - this is a local kernel vulnerability
SIEM Query:
source="kern.log" AND ("kernel panic" OR "stack corruption" OR "unhandled exception")🔗 References
- https://git.kernel.org/stable/c/0f67015d72627bad72da3c2084352e0aa134416b
- https://git.kernel.org/stable/c/407047893a64399f2d2390ff35cc6061107d805d
- https://git.kernel.org/stable/c/708fd522b86d2a9544c34ec6a86fa3fc23336525
- https://git.kernel.org/stable/c/9433a5f437b0948d6a2d8a02ad7a42ab7ca27a61
- https://git.kernel.org/stable/c/a6b0cb523eaa01efe8a3f76ced493ba60674c6e6
- https://git.kernel.org/stable/c/d42e6c20de6192f8e4ab4cf10be8c694ef27e8cb
- https://git.kernel.org/stable/c/f7e0231eeaa33245c649fac0303cf97209605446
- https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html
