{
  "affected": [
    {
      "ecosystem_specific": {
        "urgency": "not yet assigned"
      },
      "package": {
        "ecosystem": "Debian:12",
        "name": "linux"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "6.1.147-1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "ecosystem_specific": {
        "urgency": "not yet assigned"
      },
      "package": {
        "ecosystem": "Debian:13",
        "name": "linux"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "6.12.35-1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "ecosystem_specific": {
        "urgency": "not yet assigned"
      },
      "package": {
        "ecosystem": "Debian:14",
        "name": "linux"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "6.12.35-1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "ecosystem_specific": {
        "urgency": "not yet assigned"
      },
      "package": {
        "ecosystem": "Debian:11",
        "name": "linux-6.1"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "6.1.153-1~deb11u1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "details": "In the Linux kernel, the following vulnerability has been resolved:  coresight: prevent deactivate active config while enabling the config  While enable active config via cscfg_csdev_enable_active_config(), active config could be deactivated via configfs' sysfs interface. This could make UAF issue in below scenario:  CPU0                                          CPU1 (sysfs enable)                                load module                                               cscfg_load_config_sets()                                               activate config. // sysfs                                               (sys_active_cnt == 1) ... cscfg_csdev_enable_active_config() lock(csdev-\u003ecscfg_csdev_lock) // here load config activate by CPU1 unlock(csdev-\u003ecscfg_csdev_lock)                                                deactivate config // sysfs                                               (sys_activec_cnt == 0)                                               cscfg_unload_config_sets()                                               unload module  // access to config_desc which freed // while unloading module. cscfg_csdev_enable_config  To address this, use cscfg_config_desc's active_cnt as a reference count  which will be holded when     - activate the config.     - enable the activated config. and put the module reference when config_active_cnt == 0.",
  "id": "DEBIAN-CVE-2025-38131",
  "modified": "2025-12-18T11:01:18.157798367Z",
  "published": "2025-07-03T09:15:27.430Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://security-tracker.debian.org/tracker/CVE-2025-38131"
    }
  ],
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "upstream": [
    "CVE-2025-38131"
  ]
}