CVE-2025-38016 — Signal Handler Race Condition in Linux
Severity
5.5MEDIUMNVD
OSV7.8
EPSS
0.0%
top 84.95%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedJun 18
Latest updateAug 28
Description
In the Linux kernel, the following vulnerability has been resolved:
HID: bpf: abort dispatch if device destroyed
The current HID bpf implementation assumes no output report/request will
go through it after hid_bpf_destroy_device() has been called. This leads
to a bug that unplugging certain types of HID devices causes a cleaned-
up SRCU to be accessed. The bug was previously a hidden failure until a
recent x86 percpu change [1] made it access not-present pages.
The bug will be triggered if th…
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6
Affected Packages4 packages
▶CVEListV5linux/linux8bd0488b5ea58655ad6fdcbe0408ef49b16882b1 — f8544be7e8e55b0ef23e1ab90e23e8d4d4aad3d3+3
Patches
🔴Vulnerability Details
5OSV▶
linux, linux-aws, linux-aws-6.14, linux-gcp, linux-gcp-6.14, linux-oracle, linux-oracle-6.14, linux-raspi, linux-realtime vulnerabilities↗2025-08-18
GHSA▶
GHSA-jvgv-wf9f-5wjp: In the Linux kernel, the following vulnerability has been resolved:
HID: bpf: abort dispatch if device destroyed
The current HID bpf implementation↗2025-06-18
OSV▶
CVE-2025-38016: In the Linux kernel, the following vulnerability has been resolved: HID: bpf: abort dispatch if device destroyed The current HID bpf implementation as↗2025-06-18
📋Vendor Advisories
5Debian▶
CVE-2025-38016: linux - In the Linux kernel, the following vulnerability has been resolved: HID: bpf: a...↗2025