CVE-2025-38369

25.07.2025, 13:15

In the Linux kernel, the following vulnerability has been resolved:

dmaengine: idxd: Check availability of workqueue allocated by idxd wq driver before using

Running IDXD workloads in a container with the /dev directory mounted can
trigger a call trace or even a kernel panic when the parent process of the
container is terminated.

This issue occurs because, under certain configurations, Docker does not
properly propagate the mount replica back to the original mount point.

In this case, when the user driver detaches, the WQ is destroyed but it
still calls destroy_workqueue() attempting to completes all pending work.
It's necessary to check wq->wq and skip the drain if it no longer exists.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	UNKNOWN				---
Linux	CNA	---				---

Awaiting analysis

This vulnerability is currently awaiting analysis.

Base Score

CVSS 3.x

EPSS Score

Percentile: Unknown

Debian Releases

Debian Product

Codename

linux

bullseye	vulnerable
bullseye (security)	vulnerable
bookworm	vulnerable
bookworm (security)	vulnerable
trixie	6.12.38-1 fixed
sid	6.12.38-1 fixed
trixie (security)	vulnerable

References

https://git.kernel.org/stable/c/17502e7d7b7113346296f6758324798d536c31fd

https://git.kernel.org/stable/c/98fd66c8ba77e3a7137575f610271014bc0e701f

https://git.kernel.org/stable/c/aee7a7439f8c0884da87694a401930204a57128f

https://git.kernel.org/stable/c/e0051a3daa8b2cb318b03b2f9317c3e40855847a