CVE-2025-38251

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2025-38251
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-38251.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2025-38251
Downstream
Related
Published
2025-07-09T10:42:30.877Z
Modified
2026-03-20T12:42:45.848044Z
Summary
atm: clip: prevent NULL deref in clip_push()
Details

In the Linux kernel, the following vulnerability has been resolved:

atm: clip: prevent NULL deref in clip_push()

Blamed commit missed that vccdestroysocket() calls clip_push() with a NULL skb.

If clipdevs is NULL, clippush() then crashes when reading skb->truesize.

Database specific 
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/38xxx/CVE-2025-38251.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
93a2014afbace907178afc3c9c1e62c9a338595a
Fixed
41f6420ee845006354c004839fed07da71e34aee
Fixed
9199e8cb75f13a1650adcb3c6cad42789c43884e
Fixed
88c88f91f4b3563956bb52e7a71a3640f7ece157
Fixed
3c709dce16999bf6a1d2ce377deb5dd6fdd8cb08
Fixed
a07005a77b18ae59b8471e7e4d991fa9f642b3c2
Fixed
ede31ad949ae0d03cb4c5edd79991586ad7c8bb8
Fixed
b993ea46b3b601915ceaaf3c802adf11e7d6bac6

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-38251.json"