PT-2025-27706 · Linux+6 · Linux Kernel+6

Published

2025-07-03

·

Updated

2026-04-20

·

CVE-2025-38120

CVSS v3.1

5.5

Medium

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified)
Description: The issue is related to the netfilter in the Linux kernel, specifically with the nf set pipapo avx2 function. The problem occurs when the first field does not cover the entire start map, causing bits to leak into the next match round map. An initial fix was incomplete, only addressing the generic C implementation. A follow-up patch added a test case to nft concat range.sh.
Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Memory Leak

Weakness Enumeration

CWE-401

Related Identifiers

BDU:2025-10784
CVE-2025-38120
DLA-4328-1
DSA-5973-1
ECHO-9DF3-2C51-D2EA
MGASA-2025-0218
MGASA-2025-0219
OESA-2025-1878
OESA-2025-1879
OESA-2025-1880
OPENSUSE-SU-2025:20081-1
SUSE-SU-2025:02848-1
SUSE-SU-2025:02849-1
SUSE-SU-2025:02850-1
SUSE-SU-2025:02851-1
SUSE-SU-2025:02852-1
SUSE-SU-2025:02853-1
SUSE-SU-2025:02923-1
SUSE-SU-2025:02969-1
SUSE-SU-2025:02996-1
SUSE-SU-2025:02997-1
SUSE-SU-2025:03011-1
SUSE-SU-2025:03023-1
SUSE-SU-2025:03344-1
SUSE-SU-2025:20577-1
SUSE-SU-2025:20586-1
SUSE-SU-2025:20601-1
SUSE-SU-2025:20602-1
SUSE-SU-2025:21074-1
SUSE-SU-2025:21139-1
SUSE-SU-2025:21179-1
SUSE-SU-2025_02848-1
SUSE-SU-2025_02849-1
SUSE-SU-2025_02853-1
SUSE-SU-2025_02969-1
SUSE-SU-2025_02996-1
SUSE-SU-2025_02997-1
SUSE-SU-2025_03011-1
SUSE-SU-2025_03023-1
SUSE-SU-2025_03344-1
USN-7769-1
USN-7769-2
USN-7769-3
USN-7770-1
USN-7771-1
USN-7774-1
USN-7774-2
USN-7774-3
USN-7774-4
USN-7774-5
USN-7775-1
USN-7775-2
USN-7775-3
USN-7776-1
USN-7789-1
USN-7789-2
USN-8028-1
USN-8028-2
USN-8028-3
USN-8028-4
USN-8028-5
USN-8028-6
USN-8028-7
USN-8028-8
USN-8031-1
USN-8031-2
USN-8031-3
USN-8052-1
USN-8052-2
USN-8074-1
USN-8074-2
USN-8126-1

Affected Products

Astra Linux
Debian
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu