{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-04T18:35:51.322","vulnerabilities":[{"cve":{"id":"CVE-2025-38132","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2025-07-03T09:15:27.563","lastModified":"2025-11-20T20:12:12.817","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\ncoresight: holding cscfg_csdev_lock while removing cscfg from csdev\n\nThere'll be possible race scenario for coresight config:\n\nCPU0                                          CPU1\n(perf enable)                                 load module\n                                              cscfg_load_config_sets()\n                                              activate config. // sysfs\n                                              (sys_active_cnt == 1)\n...\ncscfg_csdev_enable_active_config()\n  lock(csdev->cscfg_csdev_lock)\n                                              deactivate config // sysfs\n                                              (sys_activec_cnt == 0)\n                                              cscfg_unload_config_sets()\n  <iterating config_csdev_list>               cscfg_remove_owned_csdev_configs()\n  // here load config activate by CPU1\n  unlock(csdev->cscfg_csdev_lock)\n\niterating config_csdev_list could be raced with config_csdev_list's\nentry delete.\n\nTo resolve this race , hold csdev->cscfg_csdev_lock() while\ncscfg_remove_owned_csdev_configs()"},{"lang":"es","value":"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: coresight: mantener cscfg_csdev_lock mientras se elimina cscfg de csdev Habrá un posible escenario de ejecución para la configuración de coresight: CPU0 CPU1 (habilitación de rendimiento) cargar módulo cscfg_load_config_sets() activar configuración. // sysfs (sys_active_cnt == 1) ... cscfg_csdev_enable_active_config() lock(csdev-&gt;cscfg_csdev_lock) desactiva la configuración // sysfs (sys_activec_cnt == 0) cscfg_unload_config_sets()  cscfg_remove_owned_csdev_configs() // aquí se carga la configuración activada por CPU1 unlock(csdev-&gt;cscfg_csdev_lock) iterando config_csdev_list podría estar en competencia con la eliminación de la entrada de config_csdev_list. Para resolver esta competencia, mantenga presionada la tecla csdev-&gt;cscfg_csdev_lock() mientras cscfg_remove_owned_csdev_configs()"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.17","versionEndExcluding":"6.15.3","matchCriteriaId":"074848F1-2A7E-490C-B811-A3122505C2CA"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/42f8afb0b161631fd1d814d017f75f955475ad41","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/53b9e2659719b04f5ba7593f2af0f2335f75e94a","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}}]}