Close Menu
    DevStackTipsDevStackTips
    • Home
    • News & Updates
      1. Tech & Work
      2. View All

      10 Ways Node.js Development Boosts AI & Real-Time Data (2025-2026 Edition)

      August 18, 2025

      Looking to Outsource React.js Development? Here’s What Top Agencies Are Doing Right

      August 18, 2025

      Beyond The Hype: What AI Can Really Do For Product Design

      August 18, 2025

      BrowserStack launches Chrome extension that bundles 10+ manual web testing tools

      August 18, 2025

      How much RAM does your Linux PC really need in 2025?

      August 19, 2025

      Have solar at home? Supercharge that investment with this other crucial component

      August 19, 2025

      I replaced my MacBook charger with this compact wall unit – and wish I’d done it sooner

      August 19, 2025

      5 reasons to switch to an immutable Linux distro today – and which to try first

      August 19, 2025
    • Development
      1. Algorithms & Data Structures
      2. Artificial Intelligence
      3. Back-End Development
      4. Databases
      5. Front-End Development
      6. Libraries & Frameworks
      7. Machine Learning
      8. Security
      9. Software Engineering
      10. Tools & IDEs
      11. Web Design
      12. Web Development
      13. Web Security
      14. Programming Languages
        • PHP
        • JavaScript
      Featured

      Sentry Adds Logs Support for Laravel Apps

      August 19, 2025
      Recent

      Sentry Adds Logs Support for Laravel Apps

      August 19, 2025

      Efficient Context Management with Laravel’s Remember Functions

      August 19, 2025

      Laravel Devtoolbox: Your Swiss Army Knife Artisan CLI

      August 19, 2025
    • Operating Systems
      1. Windows
      2. Linux
      3. macOS
      Featured

      From plateau predictions to buggy rollouts — Bill Gates’ GPT-5 skepticism looks strangely accurate

      August 18, 2025
      Recent

      From plateau predictions to buggy rollouts — Bill Gates’ GPT-5 skepticism looks strangely accurate

      August 18, 2025

      We gave OpenAI’s open-source AI a kid’s test — here’s what happened

      August 18, 2025

      With GTA 6, next-gen exclusives, and a console comeback on the horizon, Xbox risks sitting on the sidelines — here’s why

      August 18, 2025
    • Learning Resources
      • Books
      • Cheatsheets
      • Tutorials & Guides
    Home»Security»Common Vulnerabilities and Exposures (CVEs)»CVE-2025-38232 – Linux NFSd Race Condition Vulnerability

    CVE-2025-38232 – Linux NFSd Race Condition Vulnerability

    July 4, 2025

    CVE ID : CVE-2025-38232

    Published : July 4, 2025, 2:15 p.m. | 4 hours, 57 minutes ago

    Description : In the Linux kernel, the following vulnerability has been resolved:

    NFSD: fix race between nfsd registration and exports_proc

    As of now nfsd calls create_proc_exports_entry() at start of init_nfsd
    and cleanup by remove_proc_entry() at last of exit_nfsd.

    Which causes kernel OOPs if there is race between below 2 operations:
    (i) exportfs -r
    (ii) mount -t nfsd none /proc/fs/nfsd

    for 5.4 kernel ARM64:

    CPU 1:
    el1_irq+0xbc/0x180
    arch_counter_get_cntvct+0x14/0x18
    running_clock+0xc/0x18
    preempt_count_add+0x88/0x110
    prep_new_page+0xb0/0x220
    get_page_from_freelist+0x2d8/0x1778
    __alloc_pages_nodemask+0x15c/0xef0
    __vmalloc_node_range+0x28c/0x478
    __vmalloc_node_flags_caller+0x8c/0xb0
    kvmalloc_node+0x88/0xe0
    nfsd_init_net+0x6c/0x108 [nfsd]
    ops_init+0x44/0x170
    register_pernet_operations+0x114/0x270
    register_pernet_subsys+0x34/0x50
    init_nfsd+0xa8/0x718 [nfsd]
    do_one_initcall+0x54/0x2e0

    CPU 2 :
    Unable to handle kernel NULL pointer dereference at virtual address 0000000000000010

    PC is at : exports_net_open+0x50/0x68 [nfsd]

    Call trace:
    exports_net_open+0x50/0x68 [nfsd]
    exports_proc_open+0x2c/0x38 [nfsd]
    proc_reg_open+0xb8/0x198
    do_dentry_open+0x1c4/0x418
    vfs_open+0x38/0x48
    path_openat+0x28c/0xf18
    do_filp_open+0x70/0xe8
    do_sys_open+0x154/0x248

    Sometimes it crashes at exports_net_open() and sometimes cache_seq_next_rcu().

    and same is happening on latest 6.14 kernel as well:

    [ 0.000000] Linux version 6.14.0-rc5-next-20250304-dirty
    …
    [ 285.455918] Unable to handle kernel paging request at virtual address 00001f4800001f48
    …
    [ 285.464902] pc : cache_seq_next_rcu+0x78/0xa4
    …
    [ 285.469695] Call trace:
    [ 285.470083] cache_seq_next_rcu+0x78/0xa4 (P)
    [ 285.470488] seq_read+0xe0/0x11c
    [ 285.470675] proc_reg_read+0x9c/0xf0
    [ 285.470874] vfs_read+0xc4/0x2fc
    [ 285.471057] ksys_read+0x6c/0xf4
    [ 285.471231] __arm64_sys_read+0x1c/0x28
    [ 285.471428] invoke_syscall+0x44/0x100
    [ 285.471633] el0_svc_common.constprop.0+0x40/0xe0
    [ 285.471870] do_el0_svc_compat+0x1c/0x34
    [ 285.472073] el0_svc_compat+0x2c/0x80
    [ 285.472265] el0t_32_sync_handler+0x90/0x140
    [ 285.472473] el0t_32_sync+0x19c/0x1a0
    [ 285.472887] Code: f9400885 93407c23 937d7c27 11000421 (f86378a3)
    [ 285.473422] —[ end trace 0000000000000000 ]—

    It reproduced simply with below script:
    while [ 1 ]
    do
    /exportfs -r
    done &

    while [ 1 ]
    do
    insmod /nfsd.ko
    mount -t nfsd none /proc/fs/nfsd
    umount /proc/fs/nfsd
    rmmod nfsd
    done &

    So exporting interfaces to user space shall be done at last and
    cleanup at first place.

    With change there is no Kernel OOPs.

    Severity: 0.0 | NA

    Visit the link for more details, such as CVSS details, affected products, timeline, and more…

    Source: Read More

    Facebook Twitter Reddit Email Copy Link
    Previous ArticleCVE-2025-38227 – Linux Vidtv Slab Use-After-Free Vulnerability
    Next Article CVE-2025-38231 – Linux Kernel NFSd NULL Pointer Dereference Vulnerability

    Related Posts

    Development

    Workday Staff Fall to Social Engineering; Hackers Access Third-Party CRM Platform

    August 18, 2025
    Development

    Get Ready for the Black Hat USA 2025 CISO Podcast Series from The Cyber Express and Suraksha Catalyst

    August 18, 2025
    Leave A Reply Cancel Reply

    For security, use of Google's reCAPTCHA service is required which is subject to the Google Privacy Policy and Terms of Use.

    Continue Reading

    CVE-2025-4543 – “LyLme Spage SQL Injection Vulnerability”

    Common Vulnerabilities and Exposures (CVEs)

    CVE-2025-4122 – Netgear JWNR2000 Command Injection Vulnerability

    Common Vulnerabilities and Exposures (CVEs)

    CVE-2025-4729 – TOTOLINK A3002R/A3002RU Command Injection Vulnerability

    Common Vulnerabilities and Exposures (CVEs)

    CVE-2025-53603 – Alinto SOPE SOGo NULL Pointer Dereference

    Common Vulnerabilities and Exposures (CVEs)

    Highlights

    CVE-2025-25215 – Dell ControlVault3/Dell ControlVault3 Plus: Arbitrary Free Vulnerability

    June 13, 2025

    CVE ID : CVE-2025-25215

    Published : June 13, 2025, 10:15 p.m. | 3 hours, 14 minutes ago

    Description : An arbitrary free vulnerability exists in the cv_close functionality of
    Dell ControlVault3 prior to 5.15.10.14 and Dell ControlVault3 Plus prior to 6.2.26.36. A specially crafted ControlVault API call
    can lead to an arbitrary free. An attacker can forge a fake session to
    trigger this vulnerability.

    Severity: 8.8 | HIGH

    Visit the link for more details, such as CVSS details, affected products, timeline, and more…

    What to do when users just want the old version back

    July 15, 2025

    CVE-2025-4383 – Art-in Bilişim Teknolojileri ve Yazılım Hizm. Tic. Ltd. Şti. Wi-Fi Cloud Hotspot Authentication Abuse Bypass

    June 24, 2025

    From Xbox to iPad — Elgato’s new 4K S records gameplay in cinematic 4K60 HDR

    July 22, 2025
    © DevStackTips 2025. All rights reserved.
    • Contact
    • Privacy Policy

    Type above and press Enter to search. Press Esc to cancel.