CVE-2025-38375

Source
https://nvd.nist.gov/vuln/detail/CVE-2025-38375
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-38375.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2025-38375
Downstream
Related
Published
2025-07-25T13:15:26Z
Modified
2025-08-28T15:15:48Z
Summary
[none]
Details

In the Linux kernel, the following vulnerability has been resolved:

virtio-net: ensure the received length does not exceed allocated size

In xdplinearizepage, when reading the following buffers from the ring, we forget to check the received length with the true allocate size. This can lead to an out-of-bound read. This commit adds that missing check.

References

Affected packages