Wind River Support Network

HomeDefectsLIN1024-9951
Acknowledged

LIN1024-9951 : Security Advisory - linux - CVE-2025-38037

Created: Jun 19, 2025    Updated: Jun 20, 2025
Found In Version: 10.24.33.1
Severity: Standard
Applicable for: Wind River Linux LTS 24
Component/s: Kernel

Description

In the Linux kernel, the following vulnerability has been resolved:EOL][EOL]vxlan: Annotate FDB data races[EOL][EOL]The 'used' and 'updated' fields in the FDB entry structure can be[EOL]accessed concurrently by multiple threads, leading to reports such as[EOL][1]. Can be reproduced using [2].[EOL][EOL]Suppress these reports by annotating these accesses using[EOL]READ_ONCE() / WRITE_ONCE().[EOL][EOL][1][EOL]BUG: KCSAN: data-race in vxlan_xmit / vxlan_xmit[EOL][EOL]write to 0xffff942604d263a8 of 8 bytes by task 286 on cpu 0:[EOL] vxlan_xmit+0xb29/0x2380[EOL] dev_hard_start_xmit+0x84/0x2f0[EOL] __dev_queue_xmit+0x45a/0x1650[EOL] packet_xmit+0x100/0x150[EOL] packet_sendmsg+0x2114/0x2ac0[EOL] __sys_sendto+0x318/0x330[EOL] __x64_sys_sendto+0x76/0x90[EOL] x64_sys_call+0x14e8/0x1c00[EOL] do_syscall_64+0x9e/0x1a0[EOL] entry_SYSCALL_64_after_hwframe+0x77/0x7f[EOL][EOL]read to 0xffff942604d263a8 of 8 bytes by task 287 on cpu 2:[EOL] vxlan_xmit+0xadf/0x2380[EOL] dev_hard_start_xmit+0x84/0x2f0[EOL] __dev_queue_xmit+0x45a/0x1650[EOL] packet_xmit+0x100/0x150[EOL] packet_sendmsg+0x2114/0x2ac0[EOL] __sys_sendto+0x318/0x330[EOL] __x64_sys_sendto+0x76/0x90[EOL] x64_sys_call+0x14e8/0x1c00[EOL] do_syscall_64+0x9e/0x1a0[EOL] entry_SYSCALL_64_after_hwframe+0x77/0x7f[EOL][EOL]value changed: 0x00000000fffbac6e -> 0x00000000fffbac6f[EOL][EOL]Reported by Kernel Concurrency Sanitizer on:[EOL]CPU: 2 UID: 0 PID: 287 Comm: mausezahn Not tainted 6.13.0-rc7-01544-gb4b270f11a02 #5[EOL]Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-3.fc41 04/01/2014[EOL][EOL][2][EOL] #!/bin/bash[EOL][EOL] set +H[EOL] echo whitelist > /sys/kernel/debug/kcsan[EOL] echo !vxlan_xmit > /sys/kernel/debug/kcsan[EOL][EOL] ip link add name vx0 up type vxlan id 10010 dstport 4789 local 192.0.2.1[EOL] bridge fdb add 00:11:22:33:44:55 dev vx0 self static dst 198.51.100.1[EOL] taskset -c 0 mausezahn vx0 -a own -b 00:11:22:33:44:55 -c 0 -q &[EOL] taskset -c 2 mausezahn vx0 -a own -b 00:11:22:33:44:55 -c 0 -q &

CREATE(Triage):(User=lchen-cn) [CVE-2025-38037 (https://nvd.nist.gov/vuln/detail/CVE-2025-38037)
Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube