NVD

CVE-2025-38024 Detail

Description

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix slab-use-after-free Read in rxe_queue_cleanup bug Call Trace: <TASK> __dump_stack lib/dump_stack.c:94 [inline] dump_stack_lvl+0x7d/0xa0 lib/dump_stack.c:120 print_address_description mm/kasan/report.c:378 [inline] print_report+0xcf/0x610 mm/kasan/report.c:489 kasan_report+0xb5/0xe0 mm/kasan/report.c:602 rxe_queue_cleanup+0xd0/0xe0 drivers/infiniband/sw/rxe/rxe_queue.c:195 rxe_cq_cleanup+0x3f/0x50 drivers/infiniband/sw/rxe/rxe_cq.c:132 __rxe_cleanup+0x168/0x300 drivers/infiniband/sw/rxe/rxe_pool.c:232 rxe_create_cq+0x22e/0x3a0 drivers/infiniband/sw/rxe/rxe_verbs.c:1109 create_cq+0x658/0xb90 drivers/infiniband/core/uverbs_cmd.c:1052 ib_uverbs_create_cq+0xc7/0x120 drivers/infiniband/core/uverbs_cmd.c:1095 ib_uverbs_write+0x969/0xc90 drivers/infiniband/core/uverbs_main.c:679 vfs_write fs/read_write.c:677 [inline] vfs_write+0x26a/0xcc0 fs/read_write.c:659 ksys_write+0x1b8/0x200 fs/read_write.c:731 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xaa/0x1b0 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f In the function rxe_create_cq, when rxe_cq_from_init fails, the function rxe_cleanup will be called to handle the allocated resources. In fact, some memory resources have already been freed in the function rxe_cq_from_init. Thus, this problem will occur. The solution is to let rxe_cleanup do all the work.

Metrics

NVD enrichment efforts reference publicly available information to associate vector strings. CVSS information contributed by other sources is also displayed.

CVSS 4.0 Severity and Vector Strings:

NIST: NVD

N/A

NVD assessment not yet provided.

CVSS 3.x Severity and Vector Strings:

NIST: NVD

Base Score: 7.8 HIGH

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS 2.0 Severity and Vector Strings:

National Institute of Standards and Technology

NIST: NVD

Base Score: N/A

NVD assessment not yet provided.

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to [email protected].

URL	Source(s)	Tag(s)
https://git.kernel.org/stable/c/16c45ced0b3839d3eee72a86bb172bef6cf58980	kernel.org	Patch
https://git.kernel.org/stable/c/336edd6b0f5b7fbffc3e065285610624f59e88df	kernel.org	Patch
https://git.kernel.org/stable/c/3a3b73e135e3bd18423d0baa72571319c7feb759	kernel.org	Patch
https://git.kernel.org/stable/c/52daccfc3fa68ee1902d52124921453d7a335591	kernel.org	Patch
https://git.kernel.org/stable/c/7c7c80c32e00665234e373ab03fe82f5c5c2c230	kernel.org	Patch
https://git.kernel.org/stable/c/ee4c5a2a38596d548566560c0c022ab797e6f71a	kernel.org	Patch
https://git.kernel.org/stable/c/f81b33582f9339d2dc17c69b92040d3650bb4bae	kernel.org	Patch
https://git.kernel.org/stable/c/f8f470e3a757425a8f98fb9a5991e3cf62fc7134	kernel.org	Patch
https://lists.debian.org/debian-lts-announce/2025/08/msg00010.html	CVE	Third Party Advisory
https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html	CVE	Third Party Advisory

Weakness Enumeration

CWE-ID	CWE Name	Source
CWE-416	Use After Free	NIST

Known Affected Software Configurations Switch to CPE 2.2

CPEs loading, please wait.

Denotes Vulnerable Software
Are we missing a CPE here? Please let us know.

Change History

4 change records found show changes

Initial Analysis by NIST 12/17/2025 2:48:04 PM

Action	Type	New Value
Added	CVSS V3.1	AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Added	CWE	CWE-416
Added	CPE Configuration	OR cpe:2.3:o:debian:debian_linux:11.0:::::::
Added	CPE Configuration	OR cpe:2.3:o:linux:linux_kernel:6.15:rc1::::::* cpe:2.3:o:linux:linux_kernel:6.15:rc2::::::* cpe:2.3:o:linux:linux_kernel:6.15:rc3::::::* cpe:2.3:o:linux:linux_kernel::::::::* versions from (including) 6.2 up to (excluding) 6.6.92 cpe:2.3:o:linux:linux_kernel::::::::* versions from (including) 5.5 up to (excluding) 5.10.238 cpe:2.3:o:linux:linux_kernel::::::::* versions from (including) 6.7 up to (excluding) 6.12.30 cpe:2.3:o:linux:linux_kernel:6.15:rc4::::::* cpe:2.3:o:linux:linux_kernel:6.15:rc5::::::* cpe:2.3:o:linux:linux_kernel::::::::* versions from (including) 6.13 up to (excluding) 6.14.8 cpe:2.3:o:linux:linux_kernel:6.15:rc6::::::* cpe:2.3:o:linux:linux_kernel::::::::* versions from (including) 5.11 up to (excluding) 5.15.184 cpe:2.3:o:linux:linux_kernel::::::::* versions from (including) 5.16 up to (excluding) 6.1.140 cpe:2.3:o:linux:linux_kernel::::::::* versions from (including) 4.8 up to (excluding) 5.4.294
Added	Reference Type	CVE: https://lists.debian.org/debian-lts-announce/2025/08/msg00010.html Types: Third Party Advisory
Added	Reference Type	CVE: https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html Types: Third Party Advisory
Added	Reference Type	kernel.org: https://git.kernel.org/stable/c/16c45ced0b3839d3eee72a86bb172bef6cf58980 Types: Patch
Added	Reference Type	kernel.org: https://git.kernel.org/stable/c/336edd6b0f5b7fbffc3e065285610624f59e88df Types: Patch
Added	Reference Type	kernel.org: https://git.kernel.org/stable/c/3a3b73e135e3bd18423d0baa72571319c7feb759 Types: Patch
Added	Reference Type	kernel.org: https://git.kernel.org/stable/c/52daccfc3fa68ee1902d52124921453d7a335591 Types: Patch
Added	Reference Type	kernel.org: https://git.kernel.org/stable/c/7c7c80c32e00665234e373ab03fe82f5c5c2c230 Types: Patch
Added	Reference Type	kernel.org: https://git.kernel.org/stable/c/ee4c5a2a38596d548566560c0c022ab797e6f71a Types: Patch
Added	Reference Type	kernel.org: https://git.kernel.org/stable/c/f81b33582f9339d2dc17c69b92040d3650bb4bae Types: Patch
Added	Reference Type	kernel.org: https://git.kernel.org/stable/c/f8f470e3a757425a8f98fb9a5991e3cf62fc7134 Types: Patch

New CVE Received from kernel.org 6/18/2025 6:15:34 AM

Action	Type	New Value
Added	Description	In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix slab-use-after-free Read in rxe_queue_cleanup bug Call Trace: <TASK> __dump_stack lib/dump_stack.c:94 [inline] dump_stack_lvl+0x7d/0xa0 lib/dump_stack.c:120 print_address_description mm/kasan/report.c:378 [inline] print_report+0xcf/0x610 mm/kasan/report.c:489 kasan_report+0xb5/0xe0 mm/kasan/report.c:602 rxe_queue_cleanup+0xd0/0xe0 drivers/infiniband/sw/rxe/rxe_queue.c:195 rxe_cq_cleanup+0x3f/0x50 drivers/infiniband/sw/rxe/rxe_cq.c:132 __rxe_cleanup+0x168/0x300 drivers/infiniband/sw/rxe/rxe_pool.c:232 rxe_create_cq+0x22e/0x3a0 drivers/infiniband/sw/rxe/rxe_verbs.c:1109 create_cq+0x658/0xb90 drivers/infiniband/core/uverbs_cmd.c:1052 ib_uverbs_create_cq+0xc7/0x120 drivers/infiniband/core/uverbs_cmd.c:1095 ib_uverbs_write+0x969/0xc90 drivers/infiniband/core/uverbs_main.c:679 vfs_write fs/read_write.c:677 [inline] vfs_write+0x26a/0xcc0 fs/read_write.c:659 ksys_write+0x1b8/0x200 fs/read_write.c:731 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xaa/0x1b0 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f In the function rxe_create_cq, when rxe_cq_from_init fails, the function rxe_cleanup will be called to handle the allocated resources. In fact, some memory resources have already been freed in the function rxe_cq_from_init. Thus, this problem will occur. The solution is to let rxe_cleanup do all the work.
Added	Reference	https://git.kernel.org/stable/c/16c45ced0b3839d3eee72a86bb172bef6cf58980
Added	Reference	https://git.kernel.org/stable/c/336edd6b0f5b7fbffc3e065285610624f59e88df
Added	Reference	https://git.kernel.org/stable/c/3a3b73e135e3bd18423d0baa72571319c7feb759
Added	Reference	https://git.kernel.org/stable/c/52daccfc3fa68ee1902d52124921453d7a335591
Added	Reference	https://git.kernel.org/stable/c/7c7c80c32e00665234e373ab03fe82f5c5c2c230
Added	Reference	https://git.kernel.org/stable/c/ee4c5a2a38596d548566560c0c022ab797e6f71a
Added	Reference	https://git.kernel.org/stable/c/f81b33582f9339d2dc17c69b92040d3650bb4bae
Added	Reference	https://git.kernel.org/stable/c/f8f470e3a757425a8f98fb9a5991e3cf62fc7134

Quick Info

CVE Dictionary Entry:
CVE-2025-38024
NVD Published Date:
06/18/2025
NVD Last Modified:
12/17/2025
Source:
kernel.org

You are viewing this page in an unauthorized frame window.

Information Technology Laboratory

National Vulnerability Database

National Vulnerability Database

CVE-2025-38024 Detail

Description

Metrics

References to Advisories, Solutions, and Tools

Weakness Enumeration

Known Affected Software Configurations Switch to CPE 2.2

CPEs loading, please wait.

Change History

Initial Analysis by NIST 12/17/2025 2:48:04 PM

CVE Modified by CVE 11/03/2025 3:18:46 PM

CVE Modified by CVE 11/03/2025 1:15:58 PM

New CVE Received from kernel.org 6/18/2025 6:15:34 AM

Quick Info