CVE-2025-38352

Exploited in the Wild ✓ Confirmed 0-Day ★ Google Project Zero

Triaged: March 3, 2026 5 articles

VulnLookup ↗ NVD ↗ MITRE ↗ Advisory ↗ P0 Sheet ↗ CISA KEV ↗

EPSS Score

Source: FIRST.org · 2026-05-24

0.14%

probability

This CVE has a 0.14% probability of being exploited in the next 30 days.

0% Top 33.0th percentile of all CVEs 100%

CVSS score unavailable

Neither CIRCL nor NVD returned a CVSS score for this CVE. View on VulnerabilityLookup ↗

Description

Project Zero

Race condition in kernel

Attack Intelligence

CWE-362 · Race Condition CWE-367 · Time-of-check Time-of-use (TOCTOU) Race Condition CWE-691

Google Project Zero

Patched

Sept. 1, 2025

Reported by

Benoit Sevens of Google Threat Intelligence Group

Root Cause Analysis

???

Exploits & PoC

farazsth98/chronomaly

Android kernel exploit for CVE-2025-38352, previously exploited in-the-wild. Targets vulnerable x86_64 Linux kernels v5.10.x.

289

farazsth98/poc-CVE-2025-38352

This is a proof of concept for CVE-2025-38352, a vulnerability in the Linux kernel's POSIX CPU timers implementation. The September 2025 Android Bulle

jordelmir/Elysium-Vanguard-Sentinel-Audit

The official Sentinel Edition v7.11 - Hypervisor Detection & Kernel Memory Audit Suite for Honor Magic V2. Investigating CVE-2025-38352 and EL2 RKP de

Crime2/poc-CVE-2025-38352

PoC CVE-2025-38352 — Crime2/poc-CVE-2025-38352

4 repos — triés par ⭐ Rechercher sur GitHub ↗

Android Security Alert: Google Patches 120 Flaws, Including Two Zero-Days Under Attack

TheHackerNews

Google Patches 107 Android Flaws, Including Two Framework Bugs Exploited in the Wild

TheHackerNews Dec 02, 2025

Critical Remote Code Execution Vulnerability Patched in Android

SecurityWeek May 05, 2026

Samsung Fixes Critical Zero-Day CVE-2025-21043 Exploited in Android Attacks

TheHackerNews

CVE-2025-38352 posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del()

Microsoft-MSRC Feb 18, 2026

Signal Intelligence

Confidenceⓘ

78%

EPSS 0.14%

Mentions 5

Last Seen May 05, 2026

CNA Information

Analyst Note

CVE-2025-38352 is a confirmed race condition in Linux kernel's posix-cpu-timers that affects task cleanup and signal handling, with HIGH severity (CVSS 7.4) and validation from Google Project Zero. The vulnerability involves concurrent execution windows between timer deletion and process reaping, representing a genuine kernel synchronization issue that warrants the confirmed classification despite limited public exploitation evidence at this time.