Vulnerability Lookup

🛡️ CVE-2025-38067

🟡 CVSS 5.5 — Medium ✅ No Known Exploit NVD

5.5

CVSS Score

0 Low4 Medium7 High9 Critical10

Description

In the Linux kernel, the following vulnerability has been resolved: rseq: Fix segfault on registration when rseq_cs is non-zero The rseq_cs field is documented as being set to 0 by user-space prior to registration, however this is not currently enforced by the kernel. This can result in a segfault on return to user-space if the value stored in the rseq_cs field doesn't point to a valid struct rseq_cs. The correct solution to this would be to fail the rseq registration when the rseq_cs field is non-zero. However, some older versions of glibc will reuse the rseq area of previous threads without clearing the rseq_cs field and will also terminate the process if the rseq registration fails in a secondary thread. This wasn't caught in testing because in this case the leftover rseq_cs does point to a valid struct rseq_cs. What we can do is clear the rseq_cs field on registration when it's non-zero which will prevent segfaults on registration and won't break the glibc versions that reuse rseq areas on thread creation.

Details

Severity MEDIUM

CVSS Score 5.5

CVSS Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE N/A

Public Exploit ✅ No

Source NVD

Published 2025-06-18

Updated 2026-06-02

Modified 2026-05-12

Fix URL https://git.kernel.org/stable/c/2df285dab00fa03a3ef939b6cb0d0d0aeb0791db

Affected Packages

Software	From version	Fixed in
debian-linux	—	—
linux-kernel	6.13	6.14.9

References

Patch https://git.kernel.org/stable/c/2df285dab00fa03a3ef939b6cb0d0d0aeb0791db

Patch https://git.kernel.org/stable/c/3e4028ef31b69286c9d4878cee0330235f53f218

Patch https://git.kernel.org/stable/c/48900d839a3454050fd5822e34be8d54c4ec9b86

Patch https://git.kernel.org/stable/c/b2b05d0dc2f4f0646922068af435aed5763d16ba

Patch https://git.kernel.org/stable/c/eaf112069a904b6207b4106ff083e0208232a2eb

Patch https://git.kernel.org/stable/c/f004f58d18a2d3dc761cf973ad27b4a5997bd876

Patch https://git.kernel.org/stable/c/fd881d0a085fc54354414aed990ccf05f282ba53

Third Party Advisory https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html

Third Party Advisory https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html

https://cert-portal.siemens.com/productcert/html/ssa-082556.html

🔗 NVD 🔗 Mitre ✅ Fix / Advisory

Similar Threats

Site Security Check

Concerned your site may already be targeted?

BotEraser analyzes incoming traffic patterns and helps identify bot behavior consistent with known exploit attempts.

Check My Site Free →

No credit card required · Results in minutes

ⓘ Data Notice: The information presented above has been compiled from publicly available internet sources. Boteraser aggregates this data solely for informational purposes and does not independently classify, evaluate, or endorse any findings about the vulnerabilities listed. The accuracy and completeness of this information is the sole responsibility of the original publishers. Boteraser and its operators accept no liability for any decisions made based on this data.

Concerned your site may already be targeted?

Company

Resources

Services

Trusted

Subscribe