CVE-2025-38653
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2025-38653
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-38653.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2025-38653
- Downstream
- Published
- 2025-08-22T16:15:40Z
- Modified
- 2025-09-06T13:01:50Z
- Summary
- [none]
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
proc: use the same treatment to check proclseek as ones for procread_iter et.al
Check pde->procops->proclseek directly may cause UAF in rmmod scenario. It's a gap in procregopen() after commit 654b33ada4ab("proc: fix UAF in procgetinode()"). Followed by AI Viro's suggestion, fix it in same manner.
- References
-
- https://git.kernel.org/stable/c/1fccbfbae1dd36198dc47feac696563244ad81d3
- https://git.kernel.org/stable/c/33c778ea0bd0fa62ff590497e72562ff90f82b13
- https://git.kernel.org/stable/c/c35b0feb80b48720dfbbf4e33759c7be3faaebb6
- https://git.kernel.org/stable/c/d136502e04d8853a9aecb335d07bbefd7a1519a8
- https://git.kernel.org/stable/c/fc1072d934f687e1221d685cf1a49a5068318f34
- https://git.kernel.org/stable/c/ff7ec8dc1b646296f8d94c39339e8d3833d16c05