CVE-2025-38524

🗓️ 16 Aug 2025 11:12:18Reported by LinuxType

CVE-2025-38524: Linux kernel rxrpc fix for recv-recv race by dequeuing calls; user call ID stale.

Reporter	Title	Published	Views	Family All 168
ATTACKERKB	CVE-2025-38524	16 Aug 202511:12	–	attackerkb
AstraLinux	Astra Linux - уязвимость в linux-6.12	1 Nov 202510:54	–	astralinux
CBLMariner	CVE-2025-38524 affecting package kernel for versions less than 6.6.104.2-1	1 Oct 202519:21	–	cbl_mariner
Circl	CVE-2025-38524	3 Dec 202514:14	–	circl
CNNVD	Linux kernel 安全漏洞	16 Aug 202500:00	–	cnnvd
Cvelist	CVE-2025-38524 rxrpc: Fix recv-recv race of completed call	16 Aug 202511:12	–	cvelist
Debian CVE	CVE-2025-38524	16 Aug 202511:12	–	debiancve
EUVD	EUVD-2025-27883	3 Oct 202520:07	–	euvd
Microsoft CVE	rxrpc: Fix recv-recv race of completed call	4 Sep 202508:16	–	mscve
NVD	CVE-2025-38524	16 Aug 202512:15	–	nvd

NVD

Vulners

CNA

Node

linux linux_kernelRange4.9–6.6.100

linux linux_kernelRange6.7–6.12.40

linux linux_kernelRange6.13–6.15.8

linux linux_kernelMatch6.16rc1

linux linux_kernelMatch6.16rc2

linux linux_kernelMatch6.16rc3

linux linux_kernelMatch6.16rc4

linux linux_kernelMatch6.16rc5

linux linux_kernelMatch6.16rc6

[
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "unaffected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "include/trace/events/rxrpc.h",
      "net/rxrpc/call_accept.c",
      "net/rxrpc/recvmsg.c"
    ],
    "versions": [
      {
        "version": "248f219cb8bcbfbd7f132752d44afa2df7c241d1",
        "lessThan": "7692bde890061797f3dece0148d7859e85c55778",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "248f219cb8bcbfbd7f132752d44afa2df7c241d1",
        "lessThan": "839fe96c15209dc2255c064bb44b636efe04f032",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "248f219cb8bcbfbd7f132752d44afa2df7c241d1",
        "lessThan": "6c75a97a32a5fa2060c3dd30207e63b6914b606d",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "248f219cb8bcbfbd7f132752d44afa2df7c241d1",
        "lessThan": "962fb1f651c2cf2083e0c3ef53ba69e3b96d3fbc",
        "status": "affected",
        "versionType": "git"
      }
    ]
  },
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "affected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "include/trace/events/rxrpc.h",
      "net/rxrpc/call_accept.c",
      "net/rxrpc/recvmsg.c"
    ],
    "versions": [
      {
        "version": "4.9",
        "status": "affected"
      },
      {
        "version": "0",
        "lessThan": "4.9",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.6.100",
        "lessThanOrEqual": "6.6.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.12.40",
        "lessThanOrEqual": "6.12.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.15.8",
        "lessThanOrEqual": "6.15.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.16",
        "lessThanOrEqual": "*",
        "status": "unaffected",
        "versionType": "original_commit_for_fix"
      }
    ]
  }
]

Source	Link
git	www.git.kernel.org/stable/c/839fe96c15209dc2255c064bb44b636efe04f032
git	www.git.kernel.org/stable/c/962fb1f651c2cf2083e0c3ef53ba69e3b96d3fbc
git	www.git.kernel.org/stable/c/6c75a97a32a5fa2060c3dd30207e63b6914b606d
git	www.git.kernel.org/stable/c/7692bde890061797f3dece0148d7859e85c55778

11 May 2026 21:29Current

6.5Medium risk

Vulners AI Score6.5

CVSS 3.14.7

EPSS0.00019

CWE-362

remote procedure call; linux kernel; receive receive race; dequeue calls; call identifier stale