
Cloud Vulnerability DB
A community-led vulnerabilities database
A use-after-free vulnerability was discovered in the ftrace_location() function of the Linux kernel's ftrace subsystem. The vulnerability was identified in June 2024 and assigned CVE-2025-38588. The issue affects multiple Linux distributions including Ubuntu and Oracle Linux (Ubuntu Security, Oracle Linux).
The vulnerability occurs in the ftrace_location() function, where a race condition exists between register_kprobes() and delete_module() operations. Specifically, while lookup_rec() searches for ftrace records in module pages, those same pages may be freed by ftrace_release_mod() during module deletion. The CVSS v3.1 base score is 7.8 (High), with a Local attack vector and low attack complexity (Ubuntu Security).
A local attacker could exploit this vulnerability to cause a denial of service (system crash) or potentially execute arbitrary code. The vulnerability affects system stability and potentially system integrity when exploited (Ubuntu Security).
The vulnerability has been fixed through three measures: 1) holding the RCU read lock while accessing ftrace pages in ftrace_location_range(); 2) using ftrace_location_range() instead of lookup_rec() in ftrace_location(); and 3) calling synchronize_rcu() before freeing any ftrace pages in ftrace_process_locs(), ftrace_release_mod() and ftrace_free_mem(). Updates are available for affected Linux distributions (Ubuntu Security).
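As an added illustration, not taken from the report or from the kernel source, the following single-process C model shows the shape of the fix: a lookup walks the record pages inside an RCU read-side section, and the release path unlinks a page and waits for a grace period before freeing it. The `*_model` names and the reader-counter stand-in for RCU are this example's own assumptions, not kernel APIs.

```c
#include <stdatomic.h>
#include <stdlib.h>
#include <string.h>

/* A record page: a sorted array of instrumented function addresses. */
struct page_model {
    struct page_model *_Atomic next;
    unsigned long *recs;
    size_t count;
};

static struct page_model *_Atomic pages_head;   /* list of live pages */
static atomic_int readers;                      /* open read-side sections */

/* Toy RCU stand-in: readers count themselves in and out; a grace period
 * ends once every reader that could have seen the old list has left. */
static void rcu_read_lock_model(void)   { atomic_fetch_add(&readers, 1); }
static void rcu_read_unlock_model(void) { atomic_fetch_sub(&readers, 1); }
static void synchronize_rcu_model(void) { while (atomic_load(&readers)) {} }
int readers_open_model(void) { return atomic_load(&readers); }

/* Link a page holding a copy of `recs` (input is constructed by the caller). */
struct page_model *add_page_model(const unsigned long *recs, size_t n)
{
    struct page_model *pg = malloc(sizeof *pg);
    pg->recs = malloc(n * sizeof *recs);
    memcpy(pg->recs, recs, n * sizeof *recs);
    pg->count = n;
    pg->next = pages_head;
    atomic_store(&pages_head, pg);   /* publish only once the page is complete */
    return pg;
}

/* Fixed lookup, shaped like ftrace_location_range(): every page dereference
 * sits inside the read-side section, so a concurrent release cannot free a
 * page while it is examined. Returns the first record in [start, end] or 0. */
unsigned long location_range_model(unsigned long start, unsigned long end)
{
    unsigned long found = 0;
    rcu_read_lock_model();
    for (struct page_model *pg = pages_head; pg && !found; pg = pg->next)
        for (size_t i = 0; i < pg->count; i++)
            if (pg->recs[i] >= start && pg->recs[i] <= end) { found = pg->recs[i]; break; }
    rcu_read_unlock_model();
    return found;
}

/* Fixed release, shaped like ftrace_release_mod() (single writer assumed):
 * unlink first, wait out the grace period, and only then free the memory. */
void release_page_model(struct page_model *victim)
{
    struct page_model *_Atomic *link = &pages_head;
    for (struct page_model *pg = *link; pg; link = &pg->next, pg = *link)
        if (pg == victim) { atomic_store(link, victim->next); break; }
    synchronize_rcu_model();   /* the step the fix adds before freeing */
    free(victim->recs);
    free(victim);
}
```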
Source: This report was generated using AI