-

CVE-2025-38310

EPSS 0.04%
Veröffentlicht 10.07.2025 07:42:19
Zuletzt bearbeitet 10.07.2025 13:17:30
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
Teams Watchlist Login
Unerledigt Login

In the Linux kernel, the following vulnerability has been resolved:

seg6: Fix validation of nexthop addresses

The kernel currently validates that the length of the provided nexthop
address does not exceed the specified length. This can lead to the
kernel reading uninitialized memory if user space provided a shorter
length than the specified one.

Fix by validating that the provided length exactly matches the specified
one.

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 9

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < 668923c474608dd9ebce0fbcc41bd8a27aa73dd6

Version d1df6fd8a1d22d37cffa0075ab8ad423ce656777

Status affected

Version < cef33a86bcb04ecf4dc10c56f6c42ee9d1c54bac

Version d1df6fd8a1d22d37cffa0075ab8ad423ce656777

Status affected

Version < d2507aeea45b3c5aa24d5daae0cf3db76895c0b7

Version d1df6fd8a1d22d37cffa0075ab8ad423ce656777

Status affected

Version < d5d9fd13bc19a3f9f2a951c5b6e934d84205789e

Version d1df6fd8a1d22d37cffa0075ab8ad423ce656777

Status affected

Version < cd4cd09810211fa23609c5c1018352e9e1cd8e5a

Version d1df6fd8a1d22d37cffa0075ab8ad423ce656777

Status affected

Version < 7632fedb266d93ed0ed9f487133e6c6314a9b2d1

Version d1df6fd8a1d22d37cffa0075ab8ad423ce656777

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 4.14

Status affected

Version < 4.14

Version 0

Status unaffected

Version <= 5.15.*

Version 5.15.186

Status unaffected

Version <= 6.1.*

Version 6.1.142

Status unaffected

Version <= 6.6.*

Version 6.6.94

Status unaffected

Version <= 6.12.*

Version 6.12.34

Status unaffected

Version <= 6.15.*

Version 6.15.3

Status unaffected

Version <= *

Version 6.16

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.04%	0.098

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

https://git.kernel.org/stable/c/668923c474608dd9ebce0fbcc41bd8a27aa73dd6

https://git.kernel.org/stable/c/cef33a86bcb04ecf4dc10c56f6c42ee9d1c54bac

https://git.kernel.org/stable/c/d2507aeea45b3c5aa24d5daae0cf3db76895c0b7

https://git.kernel.org/stable/c/d5d9fd13bc19a3f9f2a951c5b6e934d84205789e

https://git.kernel.org/stable/c/cd4cd09810211fa23609c5c1018352e9e1cd8e5a

https://git.kernel.org/stable/c/7632fedb266d93ed0ed9f487133e6c6314a9b2d1

https://nvd.nist.gov/vuln/detail/CVE-2025-38310

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-38310

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-38310

EUVD