Description

In the Linux kernel, the following vulnerability has been resolved: coresight: holding cscfg_csdev_lock while removing cscfg from csdev There'll be possible race scenario for coresight config: CPU0 CPU1 (perf enable) load module cscfg_load_config_sets() activate config. // sysfs (sys_active_cnt == 1) ... cscfg_csdev_enable_active_config() lock(csdev->cscfg_csdev_lock) deactivate config // sysfs (sys_activec_cnt == 0) cscfg_unload_config_sets() <iterating config_csdev_list> cscfg_remove_owned_csdev_configs() // here load config activate by CPU1 unlock(csdev->cscfg_csdev_lock) iterating config_csdev_list could be raced with config_csdev_list's entry delete. To resolve this race , hold csdev->cscfg_csdev_lock() while cscfg_remove_owned_csdev_configs()

INFO

Published Date :

2025-07-03T08:35:35.695Z

Last Modified :

2025-07-28T04:13:02.340Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2025-38132 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-38132.

URL Resource
https://git.kernel.org/stable/c/42f8afb0b161631fd1d814d017f75f955475ad41 cve-icon cve-icon
https://git.kernel.org/stable/c/53b9e2659719b04f5ba7593f2af0f2335f75e94a cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2025070331-CVE-2025-38132-bfc9@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2025-38132 cve-icon
https://www.cve.org/CVERecord?id=CVE-2025-38132 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact