CVE-2025-38261 — Linux vulnerability

18 documents7 sources

Severity

5.5MEDIUMNVD

OSV5.6

EPSS

0.0%

top 91.88%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Linux Kernel Debian Linux +2 more

Timeline

PublishedJul 9

Latest updateNov 4

Description

In the Linux kernel, the following vulnerability has been resolved: riscv: save the SR_SUM status over switches When threads/tasks are switched we need to ensure the old execution's SR_SUM state is saved and the new thread has the old SR_SUM state restored. The issue was seen under heavy load especially with the syz-stress tool running, with crashes as follows in schedule_tail: Unable to handle kernel access to user memory without uaccess routines at virtual address 000000002749f0d0 Oops [#1…

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages6 packages

▶NVDlinux/linux_kernel4.15 — 6.15.5

▶Debianlinux/linux_kernel< 6.16.3-1

▶msrcmsrc/azl3_kernel_6.6.92.2-2_on_azure_linux_3.0

▶msrcmsrc/cbl2_kernel_5.15.186.1-1_on_cbl_mariner_2.0

▶CVEListV5linux/linux76d2a0493a17d4c8ecc781366850c3c4f8e1a446 — 69ea599a8dab93a620c92c255be4239a06290a77+2

Patches

Patch: git.kernel.org ↗Patch: git.kernel.org ↗

🔴Vulnerability Details

OSV

linux-hwe-6.14 vulnerabilities↗2025-11-04

▶

OSV

linux-gcp-6.14 vulnerabilities↗2025-10-31

▶

OSV

linux-aws-6.14 vulnerabilities↗2025-10-24

▶

OSV

linux-realtime-6.14 vulnerabilities↗2025-10-22

▶

OSV

linux-azure, linux-azure-6.14, linux-azure-nvidia-6.14 vulnerabilities↗2025-10-22

▶

📋Vendor Advisories

Ubuntu

Linux kernel (HWE) vulnerabilities↗2025-11-04

▶

Ubuntu

Linux kernel (GCP) vulnerabilities↗2025-10-31

▶

Ubuntu

Linux kernel (AWS) vulnerabilities↗2025-10-24

▶

Ubuntu

Linux kernel (Azure) vulnerabilities↗2025-10-22

▶

Ubuntu

Linux kernel (Real-time) vulnerabilities↗2025-10-22

▶