CVE-2025-38003

EUVD-2025-17385

08.06.2025, 11:15

In the Linux kernel, the following vulnerability has been resolved:

can: bcm: add missing rcu read protection for procfs content

When the procfs content is generated for a bcm_op which is in the process
to be removed the procfs output might show unreliable data (UAF).

As the removal of bcm_op's is already implemented with rcu handling this
patch adds the missing rcu_read_lock() and makes sure the list entries
are properly removed under rcu protection.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	5.5 MEDIUM	LOCAL	LOW	LOW	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Base Score

CVSS 3.x

EPSS Score

Percentile: 31%

Affected Products (NVD)

Vendor	Product	Version
linux	linux_kernel	4.19.252 ≤ 𝑥 < 4.20
linux	linux_kernel	5.4.205 ≤ 𝑥 < 5.4.294
linux	linux_kernel	5.10.130 ≤ 𝑥 < 5.10.238
linux	linux_kernel	5.15.54 ≤ 𝑥 < 5.15.185
linux	linux_kernel	5.18.11 ≤ 𝑥 < 5.19
linux	linux_kernel	5.19.1 ≤ 𝑥 < 6.1.141
linux	linux_kernel	6.2 ≤ 𝑥 < 6.6.93
linux	linux_kernel	6.7 ≤ 𝑥 < 6.12.31
linux	linux_kernel	6.13 ≤ 𝑥 < 6.14.9
linux	linux_kernel	5.19
linux	linux_kernel	5.19:rc6
linux	linux_kernel	5.19:rc7
linux	linux_kernel	5.19:rc8
linux	linux_kernel	6.15:rc1
linux	linux_kernel	6.15:rc2
linux	linux_kernel	6.15:rc3
linux	linux_kernel	6.15:rc4
linux	linux_kernel	6.15:rc5
linux	linux_kernel	6.15:rc6
linux	linux_kernel	6.15:rc7
debian	debian_linux	11.0

𝑥

= Vulnerable software versions

Debian Releases

Debian Product

Codename

linux

bookworm	6.1.170-3 fixed
bookworm (security)	6.1.172-1 fixed
bullseye	vulnerable
bullseye (security)	5.10.251-5 fixed
forky	7.0.7-1 fixed
sid	7.0.7-1 fixed
trixie	6.12.86-1 fixed
trixie (security)	6.12.88-1 fixed

linux-6.1

bullseye (security)

6.1.172-1~deb11u1

fixed

openSUSE / SLES Releases

openSUSE Product

Release

kernel-64kb

suse enterprise desktop 15 SP6	6.4.0-150600.23.60.4 fixed
suse enterprise desktop 15 SP7	6.4.0-150700.53.6.1 fixed
suse enterprise sap 15 SP6	6.4.0-150600.23.60.4 fixed
suse enterprise sap 15 SP7	6.4.0-150700.53.6.1 fixed
suse enterprise server 15 SP6	6.4.0-150600.23.60.4 fixed
suse enterprise server 15 SP7	6.4.0-150700.53.6.1 fixed

kernel-azure

suse enterprise sap 15 SP6	6.4.0-150600.8.43.1 fixed
suse enterprise sap 15 SP7	6.4.0-150700.20.6.1 fixed
suse enterprise server 15 SP6	6.4.0-150600.8.43.1 fixed
suse enterprise server 15 SP7	6.4.0-150700.20.6.1 fixed

kernel-default

suse enterprise desktop 15 SP6	6.4.0-150600.23.60.5 fixed
suse enterprise desktop 15 SP7	6.4.0-150700.53.6.1 fixed
suse enterprise sap 15 SP6	6.4.0-150600.23.60.5 fixed
suse enterprise sap 15 SP7	6.4.0-150700.53.6.1 fixed
suse enterprise server 15 SP6	6.4.0-150600.23.60.5 fixed
suse enterprise server 15 SP7	6.4.0-150700.53.6.1 fixed

kernel-default-base

suse enterprise desktop 15 SP6	6.4.0-150600.23.60.5.150600.12.26.4 fixed
suse enterprise desktop 15 SP7	6.4.0-150700.53.6.1.150700.17.6.1 fixed
suse enterprise sap 15 SP6	6.4.0-150600.23.60.5.150600.12.26.4 fixed
suse enterprise sap 15 SP7	6.4.0-150700.53.6.1.150700.17.6.1 fixed
suse enterprise server 15 SP6	6.4.0-150600.23.60.5.150600.12.26.4 fixed
suse enterprise server 15 SP7	6.4.0-150700.53.6.1.150700.17.6.1 fixed

kernel-default-extra

suse enterprise desktop 15 SP6	6.4.0-150600.23.60.5 fixed
suse enterprise desktop 15 SP7	6.4.0-150700.53.6.1 fixed
suse enterprise sap 15 SP6	6.4.0-150600.23.60.5 fixed
suse enterprise sap 15 SP7	6.4.0-150700.53.6.1 fixed
suse enterprise server 15 SP6	6.4.0-150600.23.60.5 fixed
suse enterprise server 15 SP7	6.4.0-150700.53.6.1 fixed
suse enterprise workstation 15 SP6	6.4.0-150600.23.60.5 fixed
suse enterprise workstation 15 SP7	6.4.0-150700.53.6.1 fixed

kernel-docs

suse enterprise desktop 15 SP6	6.4.0-150600.23.60.3 fixed
suse enterprise desktop 15 SP7	6.4.0-150700.53.6.1 fixed
suse enterprise sap 15 SP6	6.4.0-150600.23.60.3 fixed
suse enterprise sap 15 SP7	6.4.0-150700.53.6.1 fixed
suse enterprise server 15 SP6	6.4.0-150600.23.60.3 fixed
suse enterprise server 15 SP7	6.4.0-150700.53.6.1 fixed

kernel-macros

suse enterprise desktop 15 SP6	6.4.0-150600.23.60.4 fixed
suse enterprise desktop 15 SP7	6.4.0-150700.53.6.1 fixed
suse enterprise sap 15 SP6	6.4.0-150600.23.60.4 fixed
suse enterprise sap 15 SP7	6.4.0-150700.53.6.1 fixed
suse enterprise server 15 SP6	6.4.0-150600.23.60.4 fixed
suse enterprise server 15 SP7	6.4.0-150700.53.6.1 fixed

kernel-obs-build

suse enterprise desktop 15 SP6	6.4.0-150600.23.60.3 fixed
suse enterprise desktop 15 SP7	6.4.0-150700.53.6.1 fixed
suse enterprise sap 15 SP6	6.4.0-150600.23.60.3 fixed
suse enterprise sap 15 SP7	6.4.0-150700.53.6.1 fixed
suse enterprise server 15 SP6	6.4.0-150600.23.60.3 fixed
suse enterprise server 15 SP7	6.4.0-150700.53.6.1 fixed

kernel-source

suse enterprise desktop 15 SP6	6.4.0-150600.23.60.4 fixed
suse enterprise desktop 15 SP7	6.4.0-150700.53.6.1 fixed
suse enterprise sap 15 SP6	6.4.0-150600.23.60.4 fixed
suse enterprise sap 15 SP7	6.4.0-150700.53.6.1 fixed
suse enterprise server 15 SP6	6.4.0-150600.23.60.4 fixed
suse enterprise server 15 SP7	6.4.0-150700.53.6.1 fixed

kernel-source-azure

suse enterprise sap 15 SP6	6.4.0-150600.8.43.1 fixed
suse enterprise sap 15 SP7	6.4.0-150700.20.6.1 fixed
suse enterprise server 15 SP6	6.4.0-150600.8.43.1 fixed
suse enterprise server 15 SP7	6.4.0-150700.20.6.1 fixed

kernel-syms

suse enterprise desktop 15 SP6	6.4.0-150600.23.60.4 fixed
suse enterprise desktop 15 SP7	6.4.0-150700.53.6.1 fixed
suse enterprise sap 15 SP6	6.4.0-150600.23.60.4 fixed
suse enterprise sap 15 SP7	6.4.0-150700.53.6.1 fixed
suse enterprise server 15 SP6	6.4.0-150600.23.60.4 fixed
suse enterprise server 15 SP7	6.4.0-150700.53.6.1 fixed

kernel-syms-azure

suse enterprise sap 15 SP6	6.4.0-150600.8.43.1 fixed
suse enterprise sap 15 SP7	6.4.0-150700.20.6.1 fixed
suse enterprise server 15 SP6	6.4.0-150600.8.43.1 fixed
suse enterprise server 15 SP7	6.4.0-150700.20.6.1 fixed

kernel-zfcpdump

suse enterprise desktop 15 SP6	6.4.0-150600.23.60.4 fixed
suse enterprise desktop 15 SP7	6.4.0-150700.53.6.1 fixed
suse enterprise sap 15 SP6	6.4.0-150600.23.60.4 fixed
suse enterprise sap 15 SP7	6.4.0-150700.53.6.1 fixed
suse enterprise server 15 SP6	6.4.0-150600.23.60.4 fixed
suse enterprise server 15 SP7	6.4.0-150700.53.6.1 fixed

reiserfs-kmp-default

suse enterprise sap 15 SP7	6.4.0-150700.53.6.1 fixed
suse enterprise server 15 SP7	6.4.0-150700.53.6.1 fixed

References

https://git.kernel.org/stable/c/0622846db728a5332b917c797c733e202c4620ae

https://git.kernel.org/stable/c/19f553a1ddf260da6570ed8f8d91a8c87f49b63a

https://git.kernel.org/stable/c/1f912f8484e9c4396378c39460bbea0af681f319

https://git.kernel.org/stable/c/63567ecd99a24495208dc860d50fb17440043006

https://git.kernel.org/stable/c/659701c0b954ccdb4a916a4ad59bbc16e726d42c

https://git.kernel.org/stable/c/6d7d458c41b98a5c1670cbd36f2923c37de51cf5

https://git.kernel.org/stable/c/7c9db92d5f0eadca30884af75c53d601edc512ee

https://git.kernel.org/stable/c/dac5e6249159ac255dad9781793dbe5908ac9ddb

https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html

https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html