CVE-2025-38477
medium
CVSS v3
4.7
CVSS v4 NEW
โ
VIR risk
4.7
Description
RHSA-2025:15008: kernel security update (Moderate)
Predictions
Exploit likelihood
47%
Patch ETA
โ
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
No mitigations published for this CVE yet.
The vendor-content worker queues fetches as references arrive (check back in a few minutes). Or โ if you've already worked around this in production โ publish your fix to the community-verified tier.
โ Propose a mitigation on Community โ Mitigations published via the community go through AI scoring + 2 human reviewers + 7-day silent objection window before landing here withsource_tier=community-verified.
OS impact
| OS | Version | Status | Fixed in |
|---|---|---|---|
| rocky | 8 | fixed | |
| sles | affected | | |
| debian | bookworm | fixed | 6.1.147-1 |
| debian | bullseye | fixed | 5.10.244-1 |
| debian | forky | fixed | 6.16.3-1 |
| debian | sid | fixed | 6.16.3-1 |
| debian | trixie | fixed | 6.12.41-1 |
| linux-kernel | affected | 5.4.297 | |
| linux-kernel | 6.16 | affected | |
| debian | 11.0 | affected | |
| rhel | 8 | fixed | |
References
- https://git.kernel.org/stable/c/466e10194ab81caa2ee6a332d33ba16bcceeeba6
- https://git.kernel.org/stable/c/5e28d5a3f774f118896aec17a3a20a9c5c9dfc64
- https://git.kernel.org/stable/c/a6d735100f602c830c16d69fb6d780eebd8c9ae1
- https://git.kernel.org/stable/c/aa7a22c4d678bf649fd3a1d27debec583563414d
- https://git.kernel.org/stable/c/c000a3a330d97f6c073ace5aa5faf94b9adb4b79
- https://git.kernel.org/stable/c/c6df794000147a3a02f79984aada4ce83f8d0a1e
- https://git.kernel.org/stable/c/d841aa5518508ab195b6781ad0d73ee378d713dd
- https://git.kernel.org/stable/c/fbe48f06e64134dfeafa89ad23387f66ebca3527
- https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html
- https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html
- https://cert-portal.siemens.com/productcert/html/ssa-082556.html
- https://errata.rockylinux.org/RLSA-2025:15008
- https://www.suse.com/security/cve/CVE-2025-38477.html
- https://security-tracker.debian.org/tracker/CVE-2025-38477
- https://access.redhat.com/errata/RHSA-2025:15008
- https://bugzilla.redhat.com/2376406
- https://bugzilla.redhat.com/2379246
- https://bugzilla.redhat.com/2383509
- https://bugzilla.redhat.com/2383922
- https://errata.almalinux.org/8/ALSA-2025-15008.html
CWEs
CWE-362
Community-verified mitigations for this CVE will appear above when contributors publish them.
Verify integrity in audit chain (admin only). AS-IS.