CVE-2025-38150: 
Linux Kernel vulnerability analysis and mitigation

In the Linux kernel, a vulnerability has been identified and assigned CVE-2025-38150. The issue involves the afpacket subsystem where the notifier's packetdev_mc function needs to be moved out of the RCU critical section. This vulnerability was discovered through Syzkaller testing and was reported on July 3, 2025 (NVD).

The vulnerability occurs when calling PACKETADDMEMBERSHIP on an ops-locked device, which can trigger the NETDEV_UNREGISTER notifier. This operation may require disabling promiscuous and/or allmulti mode, both of which need to acquire the netdev instance lock. The issue manifests as a sleeping function being called from an invalid context at kernel/locking/mutex.c:578. The mclist modifications (add, del, flush, unregister) are protected by the RTNL, not the RCU, while RCU only protects the sklist and its associated sks (NVD).

When triggered, this vulnerability can cause kernel locking issues due to improper handling of mutex locks in the af_packet subsystem. This could potentially lead to system instability or crashes when network device operations are performed under specific conditions (NVD).

The fix involves moving the call to packetdevmc outside of the RCU critical section, as the mclist modifications are protected by RTNL rather than RCU. The delayed operation on the mclist entry remains within the RTNL (NVD).