PT-2025-25827 · Linux+8 · Linux Kernel+8

Published

2024-04-30

·

Updated

2026-04-20

·

CVE-2025-38053

CVSS v3.1

5.5

Medium

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description A null pointer dereference issue has been identified in the Linux kernel, specifically in the idpf features check function. This function is used to validate TX packets, and the issue arises when the vport pointer is accessed after all vports have been released during a reset, resulting in a NULL pointer. To resolve this, the maximum header length value is stored in the netdev private structure, which also helps to cache the value and avoid accessing the adapter pointer in the hot path.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

NULL Pointer Dereference

Weakness Enumeration

CWE-476

Related Identifiers

BDU:2025-12121
CESA-2025_9580
CESA-2025_9581
CVE-2025-38053
RHSA-2024:2394
RHSA-2024_2394
RHSA-2025:9580
RHSA-2025:9581
RHSA-2025_9580
RHSA-2025_9581
SUSE-SU-2025:02249-1
SUSE-SU-2025:02254-1
SUSE-SU-2025:02307-1
SUSE-SU-2025:02333-1
SUSE-SU-2025:02335-1
SUSE-SU-2025:02538-1
SUSE-SU-2025:02923-1
SUSE-SU-2025:20475-1
SUSE-SU-2025:20483-1
SUSE-SU-2025:20493-1
SUSE-SU-2025:20498-1
SUSE-SU-2025_02249-1
SUSE-SU-2025_02254-1
SUSE-SU-2025_02307-1
SUSE-SU-2025_02333-1
SUSE-SU-2025_02335-1
SUSE-SU-2025_02538-1
USN-7769-1
USN-7769-2
USN-7769-3
USN-7770-1
USN-7771-1
USN-7789-1
USN-7789-2
USN-8028-1
USN-8028-2
USN-8028-3
USN-8028-4
USN-8028-5
USN-8028-6
USN-8028-7
USN-8028-8
USN-8031-1
USN-8031-2
USN-8031-3
USN-8052-1
USN-8052-2
USN-8074-1
USN-8074-2
USN-8126-1

Affected Products

Astra Linux
Centos
Linuxmint
Linux Kernel
Red Hat
Red Os
Rocky Linux
Suse
Ubuntu