AZL-63699 CVE-2025-38003 affecting package kernel for versions less than 6.6.96.1-1

🗓️ 08 Jun 2025 11:15:20Reported by GoogleType

osv

osv🔗 osv.dev

Linux kernel fix for bcm procfs data race; adds rcu_read_lock for bcm_op removal.

Reporter	Title	Published	Views	Family All 240
Tenable Nessus	Amazon Linux 2023 : bpftool, kernel, kernel-devel (ALAS2023-2025-1037)	23 Jun 202500:00	–	nessus
Tenable Nessus	Amazon Linux 2023 : bpftool, kernel6.12, kernel6.12-modules-extra (ALAS2023-2025-1052)	10 Jul 202500:00	–	nessus
Tenable Nessus	Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.10-2025-095 (ALASKERNEL-5.10-2025-095)	23 Jun 202500:00	–	nessus
Tenable Nessus	Amazon Linux 2 : kernel (ALASKERNEL-5.15-2025-075)	23 Jun 202500:00	–	nessus
Tenable Nessus	Amazon Linux 2 : kernel (ALASKERNEL-5.4-2025-103)	23 Jun 202500:00	–	nessus
Tenable Nessus	Azure Linux 3.0 Security Update: kernel (CVE-2025-38003)	22 Jan 202600:00	–	nessus
Tenable Nessus	Debian dla-4327 : ata-modules-5.10.0-35-armmp-di - security update	13 Oct 202500:00	–	nessus
Tenable Nessus	Debian dla-4328 : linux-config-6.1 - security update	13 Oct 202500:00	–	nessus
Tenable Nessus	Debian dsa-5973 : affs-modules-6.1.0-37-4kc-malta-di - security update	13 Aug 202500:00	–	nessus
Tenable Nessus	Oracle Linux 10 / 9 : Unbreakable Enterprise kernel (ELSA-2025-20480)	18 Jul 202500:00	–	nessus

Source	Link
nvd	www.nvd.nist.gov/vuln/detail/CVE-2025-38003

21 Apr 2026 04:32Current

6.5Medium risk

Vulners AI Score6.5

CVSS 3.15.5

EPSS0.00033

linux kernel bcm procfs rcu read lock bcm op removal unreliable data