PT-2025-27710 · Linux+8 · Linux Kernel+8

Published

2025-05-30

·

Updated

2026-04-20

·

CVE-2025-38124

CVSS v2.0

6.0

Medium

VectorAV:L/AC:H/Au:S/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified)
Description: A vulnerability in the Linux kernel has been resolved, related to the handling of UDP packets with modified geometry. The issue occurs when optional datapath hooks such as NAT and BPF modify fraglist skbs, breaking the invariants of SKB GSO FRAGLIST skbs. This can cause exceptions when splitting skbs by skb segment. The vulnerability affects packets that fail the basic invariants on gso fraglist skbs, which are linearized to prevent bugs.
Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

DoS

Memory Leak

Incorrect Type Conversion or Cast

Weakness Enumeration

CWE-401CWE-704

Related Identifiers

ALSA-2025:13962
ALSA-2025:14009
BDU:2025-09605
CVE-2025-38124
DLA-4328-1
DSA-5973-1
ECHO-44D8-A3F3-26A7
INFSA-2025_13962
MGASA-2025-0218
MGASA-2025-0219
OESA-2025-1878
OESA-2025-1879
OESA-2025-1880
OESA-2025-2081
OESA-2025-2082
OPENSUSE-SU-2025:20081-1
RHSA-2025:13962
RHSA-2025:14009
RHSA-2025_13962
SUSE-SU-2025:02853-1
SUSE-SU-2025:02923-1
SUSE-SU-2025:02969-1
SUSE-SU-2025:02996-1
SUSE-SU-2025:02997-1
SUSE-SU-2025:03011-1
SUSE-SU-2025:03023-1
SUSE-SU-2025:20577-1
SUSE-SU-2025:20586-1
SUSE-SU-2025:20601-1
SUSE-SU-2025:20602-1
SUSE-SU-2025:21074-1
SUSE-SU-2025:21139-1
SUSE-SU-2025:21179-1
SUSE-SU-2025_02853-1
SUSE-SU-2025_02969-1
SUSE-SU-2025_02996-1
SUSE-SU-2025_02997-1
SUSE-SU-2025_03011-1
SUSE-SU-2025_03023-1
USN-7769-1
USN-7769-2
USN-7769-3
USN-7770-1
USN-7771-1
USN-7789-1
USN-7789-2
USN-8028-1
USN-8028-2
USN-8028-3
USN-8028-4
USN-8028-5
USN-8028-6
USN-8028-7
USN-8028-8
USN-8031-1
USN-8031-2
USN-8031-3
USN-8052-1
USN-8052-2
USN-8074-1
USN-8074-2
USN-8126-1

Affected Products

Almalinux
Astra Linux
Debian
Linuxmint
Linux Kernel
Red Hat
Red Os
Suse
Ubuntu