{"vulnerability": "CVE-2025-38067", "sightings": [{"uuid": "96444304-3c53-4efc-b509-889224e4de0d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-38067", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lruz2zh3uc23", "content": "", "creation_timestamp": "2025-06-18T12:27:52.649050Z"}, {"uuid": "796c9775-325d-4e48-8bf2-8a7f854d4f66", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-38067", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8", "content": "", "creation_timestamp": "2025-12-03T14:14:49.267740Z"}, {"uuid": "3ce42c9f-6c3b-4d32-9991-3c72ce52f0de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-38067", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/18714", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-38067\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\nrseq: Fix segfault on registration when rseq_cs is non-zero\n\nThe rseq_cs field is documented as being set to 0 by user-space prior to\nregistration, however this is not currently enforced by the kernel. This\ncan result in a segfault on return to user-space if the value stored in\nthe rseq_cs field doesn't point to a valid struct rseq_cs.\n\nThe correct solution to this would be to fail the rseq registration when\nthe rseq_cs field is non-zero. However, some older versions of glibc\nwill reuse the rseq area of previous threads without clearing the\nrseq_cs field and will also terminate the process if the rseq\nregistration fails in a secondary thread. This wasn't caught in testing\nbecause in this case the leftover rseq_cs does point to a valid struct\nrseq_cs.\n\nWhat we can do is clear the rseq_cs field on registration when it's\nnon-zero which will prevent segfaults on registration and won't break\nthe glibc versions that reuse rseq areas on thread creation.\n\ud83d\udccf Published: 2025-06-18T09:33:45.518Z\n\ud83d\udccf Modified: 2025-06-18T09:33:45.518Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/2df285dab00fa03a3ef939b6cb0d0d0aeb0791db\n2. https://git.kernel.org/stable/c/fd881d0a085fc54354414aed990ccf05f282ba53", "creation_timestamp": "2025-06-18T10:40:17.000000Z"}]}