CVE-2025-38441

EPSS 0.04%
Veröffentlicht 25.07.2025 16:15:29
Zuletzt bearbeitet 29.07.2025 14:14:55
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
Teams Watchlist Login
Unerledigt Login

In the Linux kernel, the following vulnerability has been resolved:

netfilter: flowtable: account for Ethernet header in nf_flow_pppoe_proto()

syzbot found a potential access to uninit-value in nf_flow_pppoe_proto()

Blamed commit forgot the Ethernet header.

BUG: KMSAN: uninit-value in nf_flow_offload_inet_hook+0x7e4/0x940 net/netfilter/nf_flow_table_inet.c:27
  nf_flow_offload_inet_hook+0x7e4/0x940 net/netfilter/nf_flow_table_inet.c:27
  nf_hook_entry_hookfn include/linux/netfilter.h:157 [inline]
  nf_hook_slow+0xe1/0x3d0 net/netfilter/core.c:623
  nf_hook_ingress include/linux/netfilter_netdev.h:34 [inline]
  nf_ingress net/core/dev.c:5742 [inline]
  __netif_receive_skb_core+0x4aff/0x70c0 net/core/dev.c:5837
  __netif_receive_skb_one_core net/core/dev.c:5975 [inline]
  __netif_receive_skb+0xcc/0xac0 net/core/dev.c:6090
  netif_receive_skb_internal net/core/dev.c:6176 [inline]
  netif_receive_skb+0x57/0x630 net/core/dev.c:6235
  tun_rx_batched+0x1df/0x980 drivers/net/tun.c:1485
  tun_get_user+0x4ee0/0x6b40 drivers/net/tun.c:1938
  tun_chr_write_iter+0x3e9/0x5c0 drivers/net/tun.c:1984
  new_sync_write fs/read_write.c:593 [inline]
  vfs_write+0xb4b/0x1580 fs/read_write.c:686
  ksys_write fs/read_write.c:738 [inline]
  __do_sys_write fs/read_write.c:749 [inline]

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 9

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < a3aea97d55964e70a1e6426aa4cafdc036e8a2dd

Version d06977b9a4109f8738bb276125eb6a0b772bc433

Status affected

Version < eed8960b289327235185b7c32649c3470a3e969b

Version 8bf7c76a2a207ca2b4cfda0a279192adf27678d7

Status affected

Version < 9fbc49429a23b02595ba82536c5ea425fdabb221

Version a2471d271042ea18e8a6babc132a8716bb2f08b9

Status affected

Version < e0dd2e9729660f3f4fcb16e0aef87342911528ef

Version 87b3593bed1868b2d9fe096c01bcdf0ea86cbebf

Status affected

Version < cfbf0665969af2c69d10c377d4c3d306e717efb4

Version 87b3593bed1868b2d9fe096c01bcdf0ea86cbebf

Status affected

Version < 18cdb3d982da8976b28d57691eb256ec5688fad2

Version 87b3593bed1868b2d9fe096c01bcdf0ea86cbebf

Status affected

Version cf366ee3bc1b7d1c76a882640ba3b3f8f1039163

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 6.9

Status affected

Version < 6.9

Version 0

Status unaffected

Version <= 5.15.*

Version 5.15.189

Status unaffected

Version <= 6.1.*

Version 6.1.146

Status unaffected

Version <= 6.6.*

Version 6.6.99

Status unaffected

Version <= 6.12.*

Version 6.12.39

Status unaffected

Version <= 6.15.*

Version 6.15.7

Status unaffected

Version <= *

Version 6.16

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.04%	0.103

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

https://git.kernel.org/stable/c/18cdb3d982da8976b28d57691eb256ec5688fad2

https://git.kernel.org/stable/c/9fbc49429a23b02595ba82536c5ea425fdabb221

https://git.kernel.org/stable/c/a3aea97d55964e70a1e6426aa4cafdc036e8a2dd

https://git.kernel.org/stable/c/cfbf0665969af2c69d10c377d4c3d306e717efb4

https://git.kernel.org/stable/c/e0dd2e9729660f3f4fcb16e0aef87342911528ef

https://git.kernel.org/stable/c/eed8960b289327235185b7c32649c3470a3e969b

https://nvd.nist.gov/vuln/detail/CVE-2025-38441

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-38441

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-38441

EUVD