
Cloud Vulnerability DB
A community-led vulnerabilities database
CVE-2025-38369 is a vulnerability discovered in the Linux kernel's Intel IDXD DMA engine driver, specifically affecting the workqueue handling functionality. The vulnerability was disclosed on July 25, 2025, and impacts systems running the Linux kernel with the IDXD DMA engine driver enabled (NVD, Red Hat).
The vulnerability stems from a missing check in the IDXD DMA engine driver before draining a potentially destroyed workqueue object. It has been assigned a CVSS v3.1 base score of 5.5 (Moderate) with the vector string CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H, indicating local access requirements and potential high impact on availability (Red Hat).
When exploited, this vulnerability can trigger a call trace or kernel panic when IDXD workloads are run in a container that has the /dev directory mounted and the parent process is terminated. The issue occurs because Docker does not properly propagate the mount replica back to the original mount point under certain configurations (NVD).
According to Red Hat, mitigation options are either not available or do not meet their Product Security criteria for ease of use, deployment, and stability. The vulnerability affects Red Hat Enterprise Linux 10 and has deferred fixes for versions 8 and 9, while versions 6 and 7 are not affected (Red Hat).
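The conditions described above (IDXD driver in use, container with /dev mounted) can be triaged per host. The following is an added example, not code from NVD, Red Hat, or this database. It assumes the text of /proc/modules and the JSON from `docker inspect` are supplied as strings, it also flags bind mounts of paths under /dev, which is broader than the advisory's wording, and the function names and sample data are constructed for illustration.

```python
import json

# Constructed sample inputs (not captured from a real host).
SAMPLE_PROC_MODULES = """\
idxd 163840 0 - Live 0x0000000000000000
idxd_bus 20480 1 idxd, Live 0x0000000000000000
ext4 1007616 2 - Live 0x0000000000000000
"""
SAMPLE_INSPECT = json.dumps([
    {"Name": "/dsa-bench", "Mounts": [
        {"Type": "bind", "Source": "/dev", "Destination": "/dev", "Propagation": "rprivate"}]},
    {"Name": "/web", "Mounts": [
        {"Type": "volume", "Source": "/var/lib/docker/volumes/w/_data", "Destination": "/data"}]},
    {"Name": "/accel", "Mounts": [
        {"Type": "bind", "Source": "/dev/dsa", "Destination": "/dev/dsa", "Propagation": "rprivate"}]},
])

def idxd_loaded(proc_modules):
    """True if the idxd module is listed in /proc/modules text.
    A driver built into the kernel image is not listed there, so False is not proof of absence."""
    return any(line.split()[0] == "idxd"
               for line in proc_modules.splitlines() if line.strip())

def dev_bind_mounts(inspect_json):
    """Return (container, host source, propagation) for bind mounts of /dev or paths under it."""
    hits = []
    for container in json.loads(inspect_json):
        for mount in container.get("Mounts") or []:
            src = mount.get("Source", "").rstrip("/") or "/"
            if mount.get("Type") == "bind" and (src == "/dev" or src.startswith("/dev/")):
                hits.append((container.get("Name", "?").lstrip("/"), src,
                             mount.get("Propagation", "")))
    return hits

def triage(proc_modules, inspect_json):
    """Combine both checks: a host needs review when idxd is loaded and /dev is bind-mounted."""
    loaded = idxd_loaded(proc_modules)
    mounts = dev_bind_mounts(inspect_json)
    return {"idxd_loaded": loaded, "dev_mounts": mounts, "review": loaded and bool(mounts)}

if __name__ == "__main__":
    result = triage(SAMPLE_PROC_MODULES, SAMPLE_INSPECT)
    print("idxd loaded:", result["idxd_loaded"])
    for name, src, prop in result["dev_mounts"]:
        print(f"container {name}: bind mount of {src} (propagation={prop or 'n/a'})")
    print("needs review:", result["review"])
```

On a real host, the inputs would come from reading /proc/modules and from the output of `docker inspect` over the running container IDs.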
Source: This report was generated using AI