CVE-2025-38234Race Condition in Linux

CWE-362Race Condition25 documents7 sources
Severity
4.7MEDIUMNVD
OSV5.6
EPSS
0.0%
top 99.33%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
27
LinuxLinux KernelDebian Linux+24 more
Timeline
PublishedJul 4
Latest updateApr 23

Description

In the Linux kernel, the following vulnerability has been resolved: sched/rt: Fix race in push_rt_task Overview When a CPU chooses to call push_rt_task and picks a task to push to another CPU's runqueue then it will call find_lock_lowest_rq method which would take a double lock on both CPUs' runqueues. If one of the locks aren't readily available, it may lead to dropping the current runqueue lock and reacquiring both the locks at once. During this window it is possible that the task is already

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.0 | Impact: 3.6

Affected Packages28 packages

NVDlinux/linux_kernel< 6.15.4
Debianlinux/linux_kernel< 6.12.69-1+1

Patches

Patch: git.kernel.orgPatch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

8
OSV
linux-hwe-6.14 vulnerabilities2025-11-04
OSV
linux-gcp-6.14 vulnerabilities2025-10-31
OSV
linux-aws-6.14 vulnerabilities2025-10-24
OSV
linux-realtime-6.14 vulnerabilities2025-10-22
OSV
linux-azure, linux-azure-6.14, linux-azure-nvidia-6.14 vulnerabilities2025-10-22

📋Vendor Advisories

16
Ubuntu
Linux kernel (Oracle) vulnerabilities2026-04-23
Ubuntu
Linux kernel (Raspberry Pi Real-time) vulnerabilities2026-04-23
Ubuntu
Linux kernel vulnerabilities2026-04-23
Ubuntu
Linux kernel (FIPS) vulnerabilities2026-04-17
Ubuntu
Linux kernel (Real-time) vulnerabilities2026-04-17