CVE-2025-38324: 
Linux Kernel vulnerability analysis and mitigation

A vulnerability was discovered in the Linux kernel's MPLS (MultiProtocol Label Switching) implementation, identified as CVE-2025-38324. The issue was reported by syzbot and affects the mplsrouteinputrcu() function when called from mplsgetroute(). The vulnerability was disclosed on July 10, 2025, and affects the Linux kernel version 6.15.0-rc7 and potentially other versions (NVD).

The vulnerability stems from improper RCU (Read-Copy-Update) usage in the MPLS subsystem. Specifically, mplsrouteinputrcu() can be called from mplsgetroute() while under RTNL (Route Netlink) lock. The net->mpls.platform_label is only updated under RTNL, but the code was using an incorrect RCU dereference check. This triggered a suspicious RCU usage warning in the kernel's lockdep system (Debian Security).

The vulnerability could potentially lead to race conditions in the MPLS subsystem of the Linux kernel. While the immediate impact appears to be a kernel warning, the improper RCU usage could potentially result in memory corruption or system instability in certain conditions (CVE Mitre).

The fix involves using rcudereferencertnl() in mplsrouteinputrcu() instead of the previous implementation. This ensures proper RCU usage when accessing the platformlabel under RTNL lock. The fix has been implemented in the Linux kernel, and affected distributions are releasing updated packages (Debian Security).