
CVE-2025-38572

In the Linux kernel, the following vulnerability has been resolved:

ipv6: reject malicious packets in ipv6_gso_segment()

syzbot was able to craft a packet with very long IPv6 extension headers
leading to an overflow of skb->transport_header.

This 16bit field has a limited range.

Add skb_reset_transport_header_careful() helper and use it
from ipv6_gso_segment()

WARNING: CPU: 0 PID: 5871 at ./include/linux/skbuff.h:3032 skb_reset_transport_header include/linux/skbuff.h:3032 [inline]
WARNING: CPU: 0 PID: 5871 at ./include/linux/skbuff.h:3032 ipv6_gso_segment+0x15e2/0x21e0 net/ipv6/ip6_offload.c:151
Modules linked in:
CPU: 0 UID: 0 PID: 5871 Comm: syz-executor211 Not tainted 6.16.0-rc6-syzkaller-g7abc678e3084 #0 PREEMPT(full)
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
 RIP: 0010:skb_reset_transport_header include/linux/skbuff.h:3032 [inline]
 RIP: 0010:ipv6_gso_segment+0x15e2/0x21e0 net/ipv6/ip6_offload.c:151
Call Trace:
 <TASK>
  skb_mac_gso_segment+0x31c/0x640 net/core/gso.c:53
  nsh_gso_segment+0x54a/0xe10 net/nsh/nsh.c:110
  skb_mac_gso_segment+0x31c/0x640 net/core/gso.c:53
  __skb_gso_segment+0x342/0x510 net/core/gso.c:124
  skb_gso_segment include/net/gso.h:83 [inline]
  validate_xmit_skb+0x857/0x11b0 net/core/dev.c:3950
  validate_xmit_skb_list+0x84/0x120 net/core/dev.c:4000
  sch_direct_xmit+0xd3/0x4b0 net/sched/sch_generic.c:329
  __dev_xmit_skb net/core/dev.c:4102 [inline]
  __dev_queue_xmit+0x17b6/0x3a70 net/core/dev.c:4679
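
The 16-bit overflow described above, as an added user-space model (not the kernel's code and not part of the original advisory). The struct, function names and buffer size are hypothetical, and the all-ones "unset" sentinel is an assumption of the model.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical user-space model of the sk_buff fields involved. */
struct model_skb {
    unsigned char *head;       /* start of the buffer */
    unsigned char *data;       /* current parse position */
    uint16_t transport_header; /* offset from head: 16 bits only */
};

#define OFFSET_UNSET ((uint16_t)~0U) /* assumed "not set" sentinel */
static unsigned char pkt[70000];     /* constructed oversized buffer */

/* Unchecked store: an offset above 65535 is silently truncated. */
static uint16_t reset_unchecked(struct model_skb *skb)
{
    skb->transport_header = (uint16_t)(skb->data - skb->head);
    return skb->transport_header;
}

/* Careful store: refuse any offset that does not fit the field. */
static bool reset_careful(struct model_skb *skb)
{
    ptrdiff_t offset = skb->data - skb->head;
    if (offset != (ptrdiff_t)(uint16_t)offset)
        return false;          /* would wrap in 16 bits */
    if ((uint16_t)offset == OFFSET_UNSET)
        return false;          /* collides with the sentinel */
    skb->transport_header = (uint16_t)offset;
    return true;
}

/* Place data after `hdr_len` bytes of headers, as a parser would. */
static struct model_skb skb_at(size_t hdr_len)
{
    struct model_skb skb = { pkt, pkt + hdr_len, OFFSET_UNSET };
    return skb;
}

int main(void)
{
    struct model_skb ok = skb_at(40 + 24), bad = skb_at(40 + 65600);
    printf("normal: careful=%d\n", reset_careful(&ok));
    printf("long: careful=%d unchecked=%u\n",
           reset_careful(&bad), (unsigned)reset_unchecked(&bad));
    return 0;
}
```

With 65600 bytes of extension headers after the 40-byte IPv6 header, the unchecked store records an offset that points far before the real transport header, while the careful variant reports failure so the caller can drop the packet.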

Data is provided by the CVE Program from a CVE Numbering Authority (CNA) (unstructured).
Vendor: Linux
Product: Linux
Default status: unaffected
Version d1da932ed4ecad2a14cbcc01ed589d617d0f0f09, < 5dc60b2a00ed7629214ac0c48e43f40af2078703: affected
Version d1da932ed4ecad2a14cbcc01ed589d617d0f0f09, < 3f638e0b28bde7c3354a0df938ab3a96739455d1: affected
Version d1da932ed4ecad2a14cbcc01ed589d617d0f0f09, < 09ff062b89d8e48165247d677d1ca23d6d607e9b: affected
Version d1da932ed4ecad2a14cbcc01ed589d617d0f0f09, < de322cdf600fc9433845a9e944d1ca6b31cfb67e: affected
Version d1da932ed4ecad2a14cbcc01ed589d617d0f0f09, < ef05007b403dcc21e701cb1f30d4572ac0a9da20: affected
Version d1da932ed4ecad2a14cbcc01ed589d617d0f0f09, < 5489e7fc6f8be3062f8cb7e49406de4bfd94db67: affected
Version d1da932ed4ecad2a14cbcc01ed589d617d0f0f09, < 573b8250fc2554761db3bc2bbdbab23789d52d4e: affected
Version d1da932ed4ecad2a14cbcc01ed589d617d0f0f09, < ee851768e4b8371ce151fd446d24bf3ae2d18789: affected
Version d1da932ed4ecad2a14cbcc01ed589d617d0f0f09, < d45cf1e7d7180256e17c9ce88e32e8061a7887fe: affected

Vendor: Linux
Product: Linux
Default status: affected
Version 3.8: affected
Version 0, < 3.8: unaffected
Version 5.4.297, <= 5.4.*: unaffected
Version 5.10.241, <= 5.10.*: unaffected
Version 5.15.190, <= 5.15.*: unaffected
Version 6.1.148, <= 6.1.*: unaffected
Version 6.6.102, <= 6.6.*: unaffected
Version 6.12.42, <= 6.12.*: unaffected
Version 6.15.10, <= 6.15.*: unaffected
Version 6.16.1, <= 6.16.*: unaffected
Version 6.17-rc1, <= *: unaffected

No CISA KEV entry or CERT.AT warning was found for this CVE.

EPSS metrics
Type | Source | Score | Percentile
EPSS | FIRST.org | 0.05% | 0.142

CVSS metrics
Source | Base Score | Exploit Score | Impact Score | Vector String