CVE-2025-38132

{"id": "CVE-2025-38132", "cveTags": [], "metrics": {}, "published": "2025-07-03T09:15:27.563", "references": [{"url": "https://git.kernel.org/stable/c/42f8afb0b161631fd1d814d017f75f955475ad41", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/53b9e2659719b04f5ba7593f2af0f2335f75e94a", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}], "vulnStatus": "Awaiting Analysis", "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncoresight: holding cscfg_csdev_lock while removing cscfg from csdev\n\nThere'll be possible race scenario for coresight config:\n\nCPU0 CPU1\n(perf enable) load module\n cscfg_load_config_sets()\n activate config. // sysfs\n (sys_active_cnt == 1)\n...\ncscfg_csdev_enable_active_config()\n lock(csdev->cscfg_csdev_lock)\n deactivate config // sysfs\n (sys_activec_cnt == 0)\n cscfg_unload_config_sets()\n <iterating config_csdev_list> cscfg_remove_owned_csdev_configs()\n // here load config activate by CPU1\n unlock(csdev->cscfg_csdev_lock)\n\niterating config_csdev_list could be raced with config_csdev_list's\nentry delete.\n\nTo resolve this race , hold csdev->cscfg_csdev_lock() while\ncscfg_remove_owned_csdev_configs()"}], "lastModified": "2025-07-03T15:13:53.147", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}