CVE-2025-38305 — Deadlock in Linux
Severity
5.5MEDIUMNVD
OSV3.2
EPSS
0.0%
top 91.22%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedJul 10
Latest updateMar 25
Description
In the Linux kernel, the following vulnerability has been resolved:
ptp: remove ptp->n_vclocks check logic in ptp_vclock_in_use()
There is no disagreement that we should check both ptp->is_virtual_clock
and ptp->n_vclocks to check if the ptp virtual clock is in use.
However, when we acquire ptp->n_vclocks_mux to read ptp->n_vclocks in
ptp_vclock_in_use(), we observe a recursive lock in the call trace
starting from n_vclocks_store().
WARNING: possible recursive locking detected
6.15.0-rc6 #1 …
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6
Affected Packages4 packages
▶CVEListV5linux/linux73f37068d540eba5f93ba3a0019bf479d35ebd76 — 5d217e7031a5c06d366580fc6ddbf43527b780d4+6
Also affects: Debian Linux 11.0