CVE-2025-38162

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified)

Description: A vulnerability in the Linux kernel has been resolved, specifically in the netfilter component, related to the nft set pipapo. The issue involves preventing overflow in lookup table allocation. When calculating the lookup table size, the code ensures that multiplication does not overflow by considering factors such as desc->field len[] maximum value, NFT PIPAPO GROUPS PER BYTE(f), NFT PIPAPO BUCKETS(f->bb), and sizeof(unsigned long). The code uses functions like check mul overflow() and check add overflow() to prevent overflows. Additionally, a helper function lt size check overflow() is used to consolidate these checks. The vulnerability does not specify the number of potentially affected devices or real-world incidents.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.