PT-2025-27751 · Linux+6 · Linux Kernel+6

Published

2025-02-19

·

Updated

2026-04-20

·

CVE-2025-38166

CVSS v3.1

5.5

Medium

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified)
Description: A vulnerability in the Linux kernel has been resolved, related to the bpf (Berkeley Packet Filter) functionality, specifically with ktls panic and sockmap. The issue arises when the BPF program executes certain functions, such as bpf msg push data(), which can increase the size of msg pl->sg, leading to errors when attempting to roll back to non-zero copy logic. This can cause the kernel to panic. The vulnerability is related to the handling of corking in non-zero-copy logic for TCP sockets.
Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Improper Resource Release

Weakness Enumeration

CWE-404

Related Identifiers

AZL-64637
AZL-72760
BDU:2025-14099
CVE-2025-38166
DLA-4328-1
DSA-5973-1
ECHO-8B36-0CE7-E55A
MGASA-2025-0218
MGASA-2025-0219
OESA-2025-2120
OESA-2025-2121
OESA-2025-2122
SUSE-SU-2025:02846-1
SUSE-SU-2025:02853-1
SUSE-SU-2025:02923-1
SUSE-SU-2025:02969-1
SUSE-SU-2025:02996-1
SUSE-SU-2025:02997-1
SUSE-SU-2025:03011-1
SUSE-SU-2025:03023-1
SUSE-SU-2025:20577-1
SUSE-SU-2025:20586-1
SUSE-SU-2025:20601-1
SUSE-SU-2025:20602-1
SUSE-SU-2025_02846-1
SUSE-SU-2025_02853-1
SUSE-SU-2025_02969-1
SUSE-SU-2025_02996-1
SUSE-SU-2025_02997-1
SUSE-SU-2025_03011-1
SUSE-SU-2025_03023-1
USN-7769-1
USN-7769-2
USN-7769-3
USN-7770-1
USN-7771-1
USN-7789-1
USN-7789-2
USN-8028-1
USN-8028-2
USN-8028-3
USN-8028-4
USN-8028-5
USN-8028-6
USN-8028-7
USN-8028-8
USN-8031-1
USN-8031-2
USN-8031-3
USN-8052-1
USN-8052-2
USN-8074-1
USN-8074-2
USN-8126-1

Affected Products

Astra Linux
Debian
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu