CVE-2025-38375

Description

In the Linux kernel, the following vulnerability has been resolved: virtio-net: ensure the received length does not exceed allocated size In xdp_linearize_page, when reading the following buffers from the ring, we forget to check the received length with the true allocate size. This can lead to an out-of-bound read. This commit adds that missing check.

Reserved 2025-04-16 | Published 2025-07-25 | Updated 2025-07-25 | Assigner Linux

Product status

Default status
unaffected

4941d472bf95b4345d6e38906fcf354e74afa311 before 982beb7582c193544eb9c6083937ec5ac1c9d651
affected

4941d472bf95b4345d6e38906fcf354e74afa311 before 6aca3dad2145e864dfe4d1060f45eb1bac75dd58
affected

4941d472bf95b4345d6e38906fcf354e74afa311 before 80b971be4c37a4d23a7f1abc5ff33dc7733d649b
affected

4941d472bf95b4345d6e38906fcf354e74afa311 before bc68bc3563344ccdc57d1961457cdeecab8f81ef
affected

4941d472bf95b4345d6e38906fcf354e74afa311 before 11f2d0e8be2b5e784ac45fa3da226492c3e506d8
affected

4941d472bf95b4345d6e38906fcf354e74afa311 before 315dbdd7cdf6aa533829774caaf4d25f1fd20e73
affected

Default status
affected

4.14
affected

Any version before 4.14
unaffected

5.15.189
unaffected

6.1.144
unaffected

6.6.97
unaffected

6.12.37
unaffected

6.15.6
unaffected

6.16-rc5
unaffected

References

git.kernel.org/...c/982beb7582c193544eb9c6083937ec5ac1c9d651

git.kernel.org/...c/6aca3dad2145e864dfe4d1060f45eb1bac75dd58

git.kernel.org/...c/80b971be4c37a4d23a7f1abc5ff33dc7733d649b

git.kernel.org/...c/bc68bc3563344ccdc57d1961457cdeecab8f81ef

git.kernel.org/...c/11f2d0e8be2b5e784ac45fa3da226492c3e506d8

git.kernel.org/...c/315dbdd7cdf6aa533829774caaf4d25f1fd20e73

cve.org (CVE-2025-38375)

nvd.nist.gov (CVE-2025-38375)

Download JSON