Alpaquita LinuxStreamSecurity Advisory
Search Cve

CVE-2025-38653

Published: August 26, 2025Last modified: August 26, 2025

Description

In the Linux kernel, the following vulnerability has been resolved: proc: use the same treatment to check proc_lseek as ones for proc_read_iter et.al Check pde->proc_ops->proc_lseek directly may cause UAF in rmmod scenario. It's a gap in proc_reg_open() after commit 654b33ada4ab("proc: fix UAF in proc_get_inode()"). Followed by AI Viro's suggestion, fix it in same manner.

Status

ProductReleasePackageStatus
Alpaquita Linux23 LTSlinux-ltsVulnerable (6.1.147-r0)
25 LTSlinux-ltsVulnerable (6.12.41-r0)
Streamlinux-ltsFixed (6.12.43-r0)

References

ON THIS PAGE