In the Linux kernel, the following vulnerability has been resolved: posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del() If an exiting non-autoreaping task has already passed exit_notify() and calls handle_posix_cpu_timers() from IRQ, it can be reaped by its parent or debugger right after unlock_task_sighand(). If a concurrent posix_cpu_timer_del() runs at that moment, it won't be able to detect timer->it.cpu.firing != 0: cpu_timer_task_rcu() and/or lock_task_sighand() will fail. Add the tsk->exit_state check into run_posix_cpu_timers() to fix this. This fix is not needed if CONFIG_POSIX_CPU_TIMERS_TASK_WORK=y, because exit_task_work() is called before exit_notify(). But the check still makes sense, task_work_add(&tsk->posix_cputimers_work.work) will fail anyway in this case.
Upstream advisory: https://lore.kernel.org/linux-cve-announce/2025072229-CVE-2025-38352-f1de@gregkh/T
https://cybersecuritynews.com/cisa-linux-kernel-race-condition-vulnerability/ ... In response to confirmed “in-the-wild” exploitation, CISA’s addition to the KEV catalog triggers a binding operational directive for federal agencies. ...
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2025:15472 https://access.redhat.com/errata/RHSA-2025:15472
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2025:15471 https://access.redhat.com/errata/RHSA-2025:15471
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Extended Lifecycle Support Via RHSA-2025:15646 https://access.redhat.com/errata/RHSA-2025:15646
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions Red Hat Enterprise Linux 8.6 Telecommunications Update Service Via RHSA-2025:15647 https://access.redhat.com/errata/RHSA-2025:15647
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Extended Lifecycle Support Via RHSA-2025:15648 https://access.redhat.com/errata/RHSA-2025:15648
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions Via RHSA-2025:15649 https://access.redhat.com/errata/RHSA-2025:15649
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.2 Advanced Update Support Via RHSA-2025:15656 https://access.redhat.com/errata/RHSA-2025:15656
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions Via RHSA-2025:15657 https://access.redhat.com/errata/RHSA-2025:15657
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Via RHSA-2025:15658 https://access.redhat.com/errata/RHSA-2025:15658
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On Via RHSA-2025:15660 https://access.redhat.com/errata/RHSA-2025:15660
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2025:15661 https://access.redhat.com/errata/RHSA-2025:15661
This issue has been addressed in the following products: Red Hat Enterprise Linux 10 Via RHSA-2025:15662 https://access.redhat.com/errata/RHSA-2025:15662
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions Via RHSA-2025:15669 https://access.redhat.com/errata/RHSA-2025:15669
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.4 Extended Update Support Via RHSA-2025:15668 https://access.redhat.com/errata/RHSA-2025:15668
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Via RHSA-2025:15670 https://access.redhat.com/errata/RHSA-2025:15670
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2025:15798 https://access.redhat.com/errata/RHSA-2025:15798
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2025:15921 https://access.redhat.com/errata/RHSA-2025:15921
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions Via RHSA-2025:15931 https://access.redhat.com/errata/RHSA-2025:15931
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.4 Extended Update Support Via RHSA-2025:15932 https://access.redhat.com/errata/RHSA-2025:15932
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Via RHSA-2025:15933 https://access.redhat.com/errata/RHSA-2025:15933
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions Via RHSA-2025:16008 https://access.redhat.com/errata/RHSA-2025:16008
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions Via RHSA-2025:16045 https://access.redhat.com/errata/RHSA-2025:16045