CVE-2025-38400: 
Linux Kernel vulnerability analysis and mitigation

CVE-2025-38400 is a vulnerability in the Linux kernel that was discovered and disclosed on July 25, 2025. The issue affects the NFS (Network File System) subsystem, specifically related to cleanup handling when nfs_fs_proc_net_init() initialization fails (NVD CVE).

The vulnerability occurs when nfs_fs_proc_net_init() fails, causing /proc/net/rpc/nfs to remain without proper cleanup. Subsequently, when rpc_proc_exit() attempts to remove /proc/net/rpc, it generates a warning due to the directory not being empty. The issue was identified through fault injection testing in the Linux kernel version 6.16.0-rc1. The vulnerability has been assigned a CVSS 3.1 score of 5.5 (AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H) (Red Hat Security).

The vulnerability primarily affects system cleanup processes and can lead to improper resource management in the Linux kernel's NFS implementation. While the direct security impact is limited, it could potentially cause system warnings and incomplete cleanup of NFS-related resources (Red Hat Security).

Red Hat has marked this vulnerability for deferred fixes in Red Hat Enterprise Linux 9 and 10, while versions 6, 7, and 8 are either out of support scope or not affected. The proper fix involves implementing correct error handling in nfs_fs_proc_net_init() to ensure proper cleanup of /proc/net/rpc/nfs (Red Hat Security).