-

CVE-2025-38184

EPSS 0.04%
Veröffentlicht 04.07.2025 13:37:11
Zuletzt bearbeitet 08.07.2025 16:18:53
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
Teams Watchlist Login
Unerledigt Login

In the Linux kernel, the following vulnerability has been resolved:

tipc: fix null-ptr-deref when acquiring remote ip of ethernet bearer

The reproduction steps:
1. create a tun interface
2. enable l2 bearer
3. TIPC_NL_UDP_GET_REMOTEIP with media name set to tun

tipc: Started in network mode
tipc: Node identity 8af312d38a21, cluster identity 4711
tipc: Enabled bearer <eth:syz_tun>, priority 1
Oops: general protection fault
KASAN: null-ptr-deref in range
CPU: 1 UID: 1000 PID: 559 Comm: poc Not tainted 6.16.0-rc1+ #117 PREEMPT
Hardware name: QEMU Ubuntu 24.04 PC
RIP: 0010:tipc_udp_nl_dump_remoteip+0x4a4/0x8f0

the ub was in fact a struct dev.

when bid != 0 && skip_cnt != 0, bearer_list[bid] may be NULL or
other media when other thread changes it.

fix this by checking media_id.

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 11

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < 3998283e4c32c0fe69edd59b0876c193f50abce6

Version 832629ca5c313e122b22b8e73a6d80f111b1a1ae

Status affected

Version < c2e17984752b9131061d1a2ca1199da2706337fd

Version 832629ca5c313e122b22b8e73a6d80f111b1a1ae

Status affected

Version < 8595350615f952fcf8bc861464a6bf6b1129af50

Version 832629ca5c313e122b22b8e73a6d80f111b1a1ae

Status affected

Version < 05d332ba075753d569d66333d62d60fff5f57ad8

Version 832629ca5c313e122b22b8e73a6d80f111b1a1ae

Status affected

Version < d3dfe821dfe091c0045044343c8d86596d66e2cf

Version 832629ca5c313e122b22b8e73a6d80f111b1a1ae

Status affected

Version < 0d3d91c3500f0c480e016faa4e2259c588616e59

Version 832629ca5c313e122b22b8e73a6d80f111b1a1ae

Status affected

Version < 0f4a72fb266e48dbe928e1d936eab149e4ac3e1b

Version 832629ca5c313e122b22b8e73a6d80f111b1a1ae

Status affected

Version < f82727adcf2992822e12198792af450a76ebd5ef

Version 832629ca5c313e122b22b8e73a6d80f111b1a1ae

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 4.9

Status affected

Version < 4.9

Version 0

Status unaffected

Version <= 5.4.*

Version 5.4.295

Status unaffected

Version <= 5.10.*

Version 5.10.239

Status unaffected

Version <= 5.15.*

Version 5.15.186

Status unaffected

Version <= 6.1.*

Version 6.1.142

Status unaffected

Version <= 6.6.*

Version 6.6.95

Status unaffected

Version <= 6.12.*

Version 6.12.35

Status unaffected

Version <= 6.15.*

Version 6.15.4

Status unaffected

Version <= *

Version 6.16

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.04%	0.097

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

https://git.kernel.org/stable/c/3998283e4c32c0fe69edd59b0876c193f50abce6

https://git.kernel.org/stable/c/c2e17984752b9131061d1a2ca1199da2706337fd

https://git.kernel.org/stable/c/8595350615f952fcf8bc861464a6bf6b1129af50

https://git.kernel.org/stable/c/05d332ba075753d569d66333d62d60fff5f57ad8

https://git.kernel.org/stable/c/d3dfe821dfe091c0045044343c8d86596d66e2cf

https://git.kernel.org/stable/c/0d3d91c3500f0c480e016faa4e2259c588616e59

https://git.kernel.org/stable/c/0f4a72fb266e48dbe928e1d936eab149e4ac3e1b

https://git.kernel.org/stable/c/f82727adcf2992822e12198792af450a76ebd5ef

https://nvd.nist.gov/vuln/detail/CVE-2025-38184

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-38184

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-38184

EUVD