CVE-2025-38461

In the Linux kernel, the following vulnerability has been resolved: vsock: Fix transport_* TOCTOU Transport assignment may race with module unload. Protect new_transport from becoming a stale pointer. This also takes care of an insecure call in vsock_use_local_transport(); add a lockdep assert. BUG: unable to handle page fault for address: fffffbfff8056000 Oops: Oops: 0000 [#1] SMP KASAN RIP: 0010:vsock_assign_transport+0x366/0x600 Call Trace: vsock_connect+0x59c/0xc40 __sys_connect+0xe8/0x100 __x64_sys_connect+0x6e/0xc0 do_syscall_64+0x92/0x1c0 entry_SYSCALL_64_after_hwframe+0x4b/0x53

CVSS

No CVSS.

References

Link	Resource
https://git.kernel.org/stable/c/36a439049b34cca0b3661276049b84a1f76cc21a
https://git.kernel.org/stable/c/687aa0c5581b8d4aa87fd92973e4ee576b550cdf
https://git.kernel.org/stable/c/7b73bddf54777fb62d4d8c7729d0affe6df04477
https://git.kernel.org/stable/c/8667e8d0eb46bc54fdae30ba2f4786407d3d88eb
https://git.kernel.org/stable/c/9ce53e744f18e73059d3124070e960f3aa9902bf
https://git.kernel.org/stable/c/9d24bb6780282b0255b9929abe5e8f98007e2c6e
https://git.kernel.org/stable/c/ae2c712ba39c7007de63cb0c75b51ce1caaf1da5

Configurations

No configuration.

History

25 Jul 2025, 16:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-07-25 16:15

Updated : 2025-07-25 16:15

NVD link : CVE-2025-38461

Mitre link : CVE-2025-38461

JSON object : View

Products Affected

No product.

CWE

No CWE.

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://git.kernel.org/stable/c/36a439049b34cca0b3661276049b84a1f76cc21a", "name": "https://git.kernel.org/stable/c/36a439049b34cca0b3661276049b84a1f76cc21a", "tags": [], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/687aa0c5581b8d4aa87fd92973e4ee576b550cdf", "name": "https://git.kernel.org/stable/c/687aa0c5581b8d4aa87fd92973e4ee576b550cdf", "tags": [], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/7b73bddf54777fb62d4d8c7729d0affe6df04477", "name": "https://git.kernel.org/stable/c/7b73bddf54777fb62d4d8c7729d0affe6df04477", "tags": [], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/8667e8d0eb46bc54fdae30ba2f4786407d3d88eb", "name": "https://git.kernel.org/stable/c/8667e8d0eb46bc54fdae30ba2f4786407d3d88eb", "tags": [], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/9ce53e744f18e73059d3124070e960f3aa9902bf", "name": "https://git.kernel.org/stable/c/9ce53e744f18e73059d3124070e960f3aa9902bf", "tags": [], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/9d24bb6780282b0255b9929abe5e8f98007e2c6e", "name": "https://git.kernel.org/stable/c/9d24bb6780282b0255b9929abe5e8f98007e2c6e", "tags": [], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/ae2c712ba39c7007de63cb0c75b51ce1caaf1da5", "name": "https://git.kernel.org/stable/c/ae2c712ba39c7007de63cb0c75b51ce1caaf1da5", "tags": [], "refsource": ""}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nvsock: Fix transport_* TOCTOU\n\nTransport assignment may race with module unload. Protect new_transport\nfrom becoming a stale pointer.\n\nThis also takes care of an insecure call in vsock_use_local_transport();\nadd a lockdep assert.\n\nBUG: unable to handle page fault for address: fffffbfff8056000\nOops: Oops: 0000 [#1] SMP KASAN\nRIP: 0010:vsock_assign_transport+0x366/0x600\nCall Trace:\n vsock_connect+0x59c/0xc40\n __sys_connect+0xe8/0x100\n __x64_sys_connect+0x6e/0xc0\n do_syscall_64+0x92/0x1c0\n entry_SYSCALL_64_after_hwframe+0x4b/0x53"}]}, "problemtype": {"problemtype_data": [{"description": []}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2025-38461", "ASSIGNER": "cve@kernel.org"}}, "impact": {}, "publishedDate": "2025-07-25T16:15Z", "configurations": {"nodes": [], "CVE_data_version": "4.0"}, "lastModifiedDate": "2025-07-25T16:15Z"}