In the Linux kernel, the following vulnerability has been resolved:EOL][EOL]vsock: Fix transport_* TOCTOU[EOL][EOL]Transport assignment may race with module unload. Protect new_transport[EOL]from becoming a stale pointer.[EOL][EOL]This also takes care of an insecure call in vsock_use_local_transport();[EOL]add a lockdep assert.[EOL][EOL]BUG: unable to handle page fault for address: fffffbfff8056000[EOL]Oops: Oops: 0000 [#1] SMP KASAN[EOL]RIP: 0010:vsock_assign_transport+0x366/0x600[EOL]Call Trace:[EOL] vsock_connect+0x59c/0xc40[EOL] __sys_connect+0xe8/0x100[EOL] __x64_sys_connect+0x6e/0xc0[EOL] do_syscall_64+0x92/0x1c0[EOL] entry_SYSCALL_64_after_hwframe+0x4b/0x53 CREATE(Triage):(User=admin) [CVE-2025-38461 (https://nvd.nist.gov/vuln/detail/CVE-2025-38461)
