CVE-2025-38441
- Source
- https://cve.org/CVERecord?id=CVE-2025-38441
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-38441.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2025-38441
- Downstream
- Related
- Published
- 2025-07-25T15:27:20.276Z
- Modified
- 2026-03-12T02:17:19.276736Z
- Summary
- netfilter: flowtable: account for Ethernet header in nf_flow_pppoe_proto()
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
netfilter: flowtable: account for Ethernet header in nfflowpppoe_proto()
syzbot found a potential access to uninit-value in nfflowpppoe_proto()
Blamed commit forgot the Ethernet header.
BUG: KMSAN: uninit-value in nfflowoffloadinethook+0x7e4/0x940 net/netfilter/nfflowtableinet.c:27 nfflowoffloadinethook+0x7e4/0x940 net/netfilter/nfflowtableinet.c:27 nfhookentryhookfn include/linux/netfilter.h:157 [inline] nfhookslow+0xe1/0x3d0 net/netfilter/core.c:623 nfhookingress include/linux/netfilternetdev.h:34 [inline] nf_ingress net/core/dev.c:5742 [inline] __netifreceiveskb_core+0x4aff/0x70c0 net/core/dev.c:5837 __netifreceiveskbonecore net/core/dev.c:5975 [inline] __netifreceiveskb+0xcc/0xac0 net/core/dev.c:6090 netif_receiveskbinternal net/core/dev.c:6176 [inline] netifreceiveskb+0x57/0x630 net/core/dev.c:6235 tunrxbatched+0x1df/0x980 drivers/net/tun.c:1485 tungetuser+0x4ee0/0x6b40 drivers/net/tun.c:1938 tunchrwriteiter+0x3e9/0x5c0 drivers/net/tun.c:1984 newsyncwrite fs/readwrite.c:593 [inline] vfswrite+0xb4b/0x1580 fs/readwrite.c:686 ksyswrite fs/readwrite.c:738 [inline] _dosyswrite fs/readwrite.c:749 [inline]
- Database specific
{ "cna_assigner": "Linux", "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/38xxx/CVE-2025-38441.json" }- References
-
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- https://git.kernel.org/stable/c/18cdb3d982da8976b28d57691eb256ec5688fad2
- https://git.kernel.org/stable/c/9fbc49429a23b02595ba82536c5ea425fdabb221
- https://git.kernel.org/stable/c/a3aea97d55964e70a1e6426aa4cafdc036e8a2dd
- https://git.kernel.org/stable/c/cfbf0665969af2c69d10c377d4c3d306e717efb4
- https://git.kernel.org/stable/c/e0dd2e9729660f3f4fcb16e0aef87342911528ef
- https://git.kernel.org/stable/c/eed8960b289327235185b7c32649c3470a3e969b
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/38xxx/CVE-2025-38441.json
- https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html
- https://nvd.nist.gov/vuln/detail/CVE-2025-38441
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducedd06977b9a4109f8738bb276125eb6a0b772bc433Fixeda3aea97d55964e70a1e6426aa4cafdc036e8a2dd
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced8bf7c76a2a207ca2b4cfda0a279192adf27678d7Fixedeed8960b289327235185b7c32649c3470a3e969b
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduceda2471d271042ea18e8a6babc132a8716bb2f08b9Fixed9fbc49429a23b02595ba82536c5ea425fdabb221
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced87b3593bed1868b2d9fe096c01bcdf0ea86cbebfFixede0dd2e9729660f3f4fcb16e0aef87342911528efFixedcfbf0665969af2c69d10c377d4c3d306e717efb4Fixed18cdb3d982da8976b28d57691eb256ec5688fad2
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affectedcf366ee3bc1b7d1c76a882640ba3b3f8f1039163