CVE-2025-38525 is a race condition in the Linux kernel's rxrpc (AF_RXRPC) subsystem. The flaw occurs when accepting an incoming call. The `rxrpc_new_incoming_call()` function calls `rxrpc_assess_MTU_size()` while interrupts are still disabled. That function, in turn, queries the IP layer for a route's MTU, and the IP layer code path eventually executes `local_bh_enable()` to re-enable softirqs. If the kernel is configured with certain debugging options, this sequence triggers a warning, because calling `local_bh_enable()` while hardware interrupts (IRQs) are disabled is an invalid state. This creates an unstable condition, potentially leading to a kernel warning or lockup. The fix moves the MTU assessment call to a later point in the I/O thread's execution stack, after the locks are dropped and interrupts are re-enabled, thus avoiding the unsafe context.
Platform: Linux Kernel
Version: Up to fix
Vulnerability: Race Condition
Severity: Medium
Date: 2025-08-16
Prediction: Patch expected by 2025-08-30
What Undercode Say:
`kthread+0x2f7/0x310`
`ip_route_output_flow+0x1b/0x90`
`__local_bh_enable_ip+0x43/0xd0`
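A log check for the warning described above, as an added example that is not part of the original post or the kernel project's code: it groups kernel log lines into WARNING splats and flags those where `__local_bh_enable_ip` fired with an rxrpc frame named on this page in the reliable call trace. The sample log is constructed; its PIDs, file:line and rxrpc offsets are assumptions, and the function names `splats`, `match_splat` and `scan` are hypothetical.

```python
import re

# Symbols named on this page: the warning site and the rxrpc callers.
TRIGGER = "__local_bh_enable_ip"
RXRPC = {"rxrpc_new_incoming_call", "rxrpc_assess_MTU_size"}
TIMESTAMP = re.compile(r"^\[\s*\d+\.\d+\]\s?")
# symbol[.suffix]+0xoff/0xsize; a leading "? " marks an unreliable frame.
SYMBOL = re.compile(r"(\? )?\b([A-Za-z_]\w*)((?:\.\w+)*)\+0x[0-9a-f]+/0x[0-9a-f]+")

def splats(log_text):
    """Group kernel log lines into WARNING splats (header plus body)."""
    current = None
    for raw in log_text.splitlines():
        line = TIMESTAMP.sub("", raw).strip()
        if line.startswith("WARNING:"):
            if current:
                yield current
            current = [line]
        elif current is not None:
            current.append(line)
            if "end trace" in line:
                yield current
                current = None
    if current:
        yield current

def match_splat(lines):
    """Return the rxrpc frames of a splat that fits the signature, else []."""
    reliable = [name for line in lines
                for unreliable, name, _suffix in SYMBOL.findall(line)
                if not unreliable]  # compiler suffix such as .isra.0 is dropped
    if TRIGGER not in reliable:
        return []
    return [name for name in reliable if name in RXRPC]

def scan(log_text):
    return [hit for hit in map(match_splat, splats(log_text)) if hit]

# Constructed sample: PIDs, file:line and the rxrpc offsets are made up.
SAMPLE = """\
[  101.000002] WARNING: CPU: 0 PID: 4242 at kernel/softirq.c:100 __local_bh_enable_ip+0x43/0xd0
[  101.000004]  ip_route_output_flow+0x1b/0x90
[  101.000005]  rxrpc_assess_MTU_size.isra.0+0x10/0x20
[  101.000006]  rxrpc_new_incoming_call+0x10/0x20
[  101.000007]  kthread+0x2f7/0x310
[  101.000008] ---[ end trace 0000000000000000 ]---
[  202.000001] WARNING: CPU: 1 PID: 77 at kernel/softirq.c:100 __local_bh_enable_ip+0x43/0xd0
[  202.000002]  ? rxrpc_new_incoming_call+0x10/0x20
[  202.000003] ---[ end trace 0000000000000000 ]---
"""
```

The second splat is not reported because its only rxrpc frame carries the `? ` marker, which the kernel uses for frames it could not verify during unwinding.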
How Exploit:
Trigger incoming AF_RXRPC calls. Exploit unstable kernel state. Cause denial-of-service.
Protection from this CVE
Update Linux kernel. Apply kernel patch. Disable rxrpc module.
Impact:
Kernel warning. Potential system lockup. Denial-of-service.
Sources:
Reported By: nvd.nist.gov

