{"id":"CVE-2025-38617","summary":"net/packet: fix a race in packet_set_ring() and packet_notifier()","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nnet/packet: fix a race in packet_set_ring() and packet_notifier()\n\nWhen packet_set_ring() releases po-\u003ebind_lock, another thread can\nrun packet_notifier() and process an NETDEV_UP event.\n\nThis race and the fix are both similar to that of commit 15fe076edea7\n(\"net/packet: fix a race in packet_bind() and packet_notifier()\").\n\nThere too the packet_notifier NETDEV_UP event managed to run while a\npo-\u003ebind_lock critical section had to be temporarily released. And\nthe fix was similarly to temporarily set po-\u003enum to zero to keep\nthe socket unhooked until the lock is retaken.\n\nThe po-\u003ebind_lock in packet_set_ring and packet_notifier precede the\nintroduction of git history.","modified":"2026-03-20T12:42:56.581519Z","published":"2025-08-22T13:01:23.963Z","related":["MGASA-2025-0234","MGASA-2025-0235","SUSE-SU-2025:03204-1","SUSE-SU-2025:03272-1","SUSE-SU-2025:03283-1","SUSE-SU-2025:03290-1","SUSE-SU-2025:03301-1","SUSE-SU-2025:03310-1","SUSE-SU-2025:03314-1","SUSE-SU-2025:03344-1","SUSE-SU-2025:03382-1","SUSE-SU-2025:03383-1","SUSE-SU-2025:03384-1","SUSE-SU-2025:03602-1","SUSE-SU-2025:03633-1","SUSE-SU-2025:03634-1","SUSE-SU-2025:20653-1","SUSE-SU-2025:20669-1","SUSE-SU-2025:20739-1","SUSE-SU-2025:20756-1","SUSE-SU-2025:20939-1","SUSE-SU-2025:20940-1","SUSE-SU-2025:20942-1","SUSE-SU-2025:20943-1","SUSE-SU-2025:20944-1","SUSE-SU-2025:20945-1","SUSE-SU-2025:20946-1","SUSE-SU-2025:20947-1","SUSE-SU-2025:20950-1","SUSE-SU-2025:20951-1","SUSE-SU-2025:20952-1","SUSE-SU-2025:20953-1","SUSE-SU-2025:20955-1","SUSE-SU-2025:20956-1","SUSE-SU-2025:20957-1","SUSE-SU-2025:20959-1","SUSE-SU-2025:20960-1","SUSE-SU-2025:20973-1","SUSE-SU-2025:20974-1","SUSE-SU-2025:20975-1","SUSE-SU-2025:20977-1","SUSE-SU-2025:20978-1","SUSE-SU-2025:20980-1","SUSE-SU-2025:20981-1","SUSE-SU-2025:20982-1","SUSE-SU-2025:20983-1","SUSE-SU-2025:20984-1","SUSE-SU-2025:20985-1","SUSE-SU-2025:20987-1","SUSE-SU-2025:20988-1","SUSE-SU-2025:20989-1","SUSE-SU-2025:20991-1","SUSE-SU-2025:21074-1","SUSE-SU-2025:21139-1","SUSE-SU-2025:21179-1","SUSE-SU-2025:3878-1","SUSE-SU-2025:3880-1","SUSE-SU-2025:3886-1","SUSE-SU-2025:3892-1","SUSE-SU-2025:3927-1","SUSE-SU-2025:3932-1","SUSE-SU-2025:3935-1","SUSE-SU-2025:3936-1","SUSE-SU-2025:3983-1","SUSE-SU-2025:3995-1","SUSE-SU-2025:4000-1","SUSE-SU-2025:4001-1","SUSE-SU-2025:4016-1","SUSE-SU-2025:4024-1","SUSE-SU-2025:4031-1","SUSE-SU-2025:4036-1","SUSE-SU-2025:4040-1","SUSE-SU-2025:4043-1","SUSE-SU-2025:4046-1","SUSE-SU-2025:4050-1","SUSE-SU-2025:4056-1","SUSE-SU-2025:4058-1","SUSE-SU-2025:4059-1","SUSE-SU-2025:4062-1","SUSE-SU-2025:4064-1","SUSE-SU-2025:4078-1","SUSE-SU-2025:4123-1","SUSE-SU-2025:4315-1","SUSE-SU-2026:20149-1","SUSE-SU-2026:20164-1","SUSE-SU-2026:20169-1","openSUSE-SU-2025:20081-1"],"database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/38xxx/CVE-2025-38617.json"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/01d3c8417b9c1b884a8a981a3b886da556512f36"},{"type":"WEB","url":"https://git.kernel.org/stable/c/18f13f2a83eb81be349a9757ba2141ff1da9ad73"},{"type":"WEB","url":"https://git.kernel.org/stable/c/7da733f117533e9b2ebbd530a22ae4028713955c"},{"type":"WEB","url":"https://git.kernel.org/stable/c/7de07705007c7e34995a5599aaab1d23e762d7ca"},{"type":"WEB","url":"https://git.kernel.org/stable/c/88caf46db8239e6471413d28aabaa6b8bd552805"},{"type":"WEB","url":"https://git.kernel.org/stable/c/ba2257034755ae773722f15f4c3ad1dcdad15ca9"},{"type":"WEB","url":"https://git.kernel.org/stable/c/e50ccfaca9e3c671cae917dcb994831a859cf588"},{"type":"WEB","url":"https://git.kernel.org/stable/c/f1791fd7b845bea0ce9674fcf2febee7bc87a893"},{"type":"WEB","url":"https://git.kernel.org/stable/c/f2e8fcfd2b1bc754920108b7f2cd75082c5a18df"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/38xxx/CVE-2025-38617.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-38617"},{"type":"FIX","url":"https://github.com/google/security-research/pull/339"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"},{"type":"ARTICLE","url":"https://blog.calif.io/p/a-race-within-a-race-exploiting-cve"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"1da177e4c3f41524e886b7f1b8a0c1fc7321cac2"},{"fixed":"18f13f2a83eb81be349a9757ba2141ff1da9ad73"},{"fixed":"7da733f117533e9b2ebbd530a22ae4028713955c"},{"fixed":"ba2257034755ae773722f15f4c3ad1dcdad15ca9"},{"fixed":"7de07705007c7e34995a5599aaab1d23e762d7ca"},{"fixed":"88caf46db8239e6471413d28aabaa6b8bd552805"},{"fixed":"f2e8fcfd2b1bc754920108b7f2cd75082c5a18df"},{"fixed":"e50ccfaca9e3c671cae917dcb994831a859cf588"},{"fixed":"f1791fd7b845bea0ce9674fcf2febee7bc87a893"},{"fixed":"01d3c8417b9c1b884a8a981a3b886da556512f36"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-38617.json"}}],"schema_version":"1.7.5"}