PT-2025-27959 · Linux+6 · Linux Kernel+6
Published: 2025-06-17 · Updated: 2026-04-20 · CVE-2025-38184
CVSS v2.0: 6.0 (Medium)
Vector: AV:L/AC:H/Au:S/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions:
Linux kernel versions prior to the fixed version
Description:
A null pointer dereference has been identified in the Linux kernel when acquiring the remote IP of an Ethernet bearer. The issue can be reproduced by creating a tun interface, enabling the l2 bearer, and using the TIPC_NL_UDP_GET_REMOTEIP command with the media name set to tun. This can lead to a general protection fault. The issue arises because, when bid != 0 && skip_cnt != 0, the bearer_list entry may be NULL or belong to other media after another thread changes it. The fix checks the media id to prevent this.
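The media id check described above, as a simplified userspace model added here for illustration; it is not the kernel's code or the actual patch, and every type, function and constant name in it (bearer_model, remoteip_or_err, MEDIA_UDP and so on) is a hypothetical stand-in.

```c
#include <errno.h>
#include <stddef.h>
#include <stdio.h>

/* Userspace model only: simplified stand-ins, not kernel structures. */
enum media_id { MEDIA_ETH = 1, MEDIA_UDP = 3 };      /* constructed ids */

struct udp_state { unsigned remote_ip; };            /* UDP bearer private data */
struct eth_dev   { char name[16]; };                 /* L2 bearer private data */

struct bearer_model {
    enum media_id media_id;
    void *media_ptr;   /* udp_state for UDP media, eth_dev for L2 media */
};

#define MAX_BEARERS 4

/* Constructed sample state: slot 0 is UDP, slot 1 is an L2 bearer on "tun",
 * slots 2 and 3 are empty (as if another thread had removed them). */
static struct udp_state sample_udp = { 0x0a000001u };
static struct eth_dev sample_tun = { "tun" };
static struct bearer_model sample_b0 = { MEDIA_UDP, &sample_udp };
static struct bearer_model sample_b1 = { MEDIA_ETH, &sample_tun };
static struct bearer_model *bearer_list_model[MAX_BEARERS] = {
    &sample_b0, &sample_b1, NULL, NULL
};

/* Returns the remote IP of a UDP bearer, or -EINVAL. Both checks must run
 * before media_ptr is read as UDP state: without them an empty slot is a
 * NULL dereference and an L2 slot is read as the wrong structure. */
long remoteip_or_err(unsigned bid)
{
    const struct bearer_model *b;

    if (bid >= MAX_BEARERS)
        return -EINVAL;
    b = bearer_list_model[bid];
    if (b == NULL)                       /* slot emptied concurrently */
        return -EINVAL;
    if (b->media_id != MEDIA_UDP)        /* the media id check */
        return -EINVAL;
    return (long)((const struct udp_state *)b->media_ptr)->remote_ip;
}

int main(void)
{
    for (unsigned bid = 0; bid < MAX_BEARERS; bid++)
        printf("bid %u -> %ld\n", bid, remoteip_or_err(bid));
    return 0;
}
```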
Recommendations:
For Linux kernel versions prior to the fixed version, apply the patch that fixes the null pointer dereference in the tipc_udp_nl_dump_remoteip function by checking the media id.
As a temporary workaround, consider restricting the use of the TIPC_NL_UDP_GET_REMOTEIP command until a patch is available.
Exploit
Fix
NULL Pointer Dereference
Affected Products
Astra Linux
Debian
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu