PT-2025-30872 · Linux+5 · Linux Kernel+5

Published

2025-01-01

·

Updated

2026-05-26

·

CVE-2025-38458

CVSS v3.1

5.5

Medium

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.15.0-rc6-syzkaller-00346-g5723cc3450bc
Description A NULL pointer dereference issue exists in the vcc sendmsg() function within the Linux kernel's atm subsystem. This occurs because atmarpd dev ops does not implement the send method, potentially leading to a kernel crash.
Recommendations Update the Linux kernel to version 6.15.0-rc6-syzkaller-00346-g5723cc3450bc or a later version to address this issue.

Exploit

Fix

DoS

NULL Pointer Dereference

Weakness Enumeration

CWE-476

Related Identifiers

AZL-65708
AZL-72938
BDU:2025-11504
CVE-2025-38458
DLA-4327-1
DLA-4328-1
DSA-5973-1
DSA-5975-1
ECHO-D57D-5555-EA7A
MGASA-2025-0218
MGASA-2025-0219
OPENSUSE-SU-2025:20081-1
SUSE-SU-2025:03272-1
SUSE-SU-2025:03290-1
SUSE-SU-2025:03301-1
SUSE-SU-2025:03382-1
SUSE-SU-2025:03602-1
SUSE-SU-2025:03633-1
SUSE-SU-2025:03634-1
SUSE-SU-2025:20653-1
SUSE-SU-2025:20669-1
SUSE-SU-2025:20739-1
SUSE-SU-2025:20756-1
SUSE-SU-2025:21074-1
SUSE-SU-2025:21139-1
SUSE-SU-2025:21179-1
SUSE-SU-2025_03272-1
SUSE-SU-2025_03290-1
SUSE-SU-2025_03301-1
SUSE-SU-2025_03382-1
USN-7774-1
USN-7774-2
USN-7774-3
USN-7774-4
USN-7774-5
USN-7775-1
USN-7775-2
USN-7775-3
USN-7776-1
USN-7879-1
USN-7879-2
USN-7879-3
USN-7879-4
USN-7880-1
USN-7934-1
USN-8028-1
USN-8028-2
USN-8028-3
USN-8028-4
USN-8028-5
USN-8028-6
USN-8028-7
USN-8028-8
USN-8031-1
USN-8031-2
USN-8031-3
USN-8052-1
USN-8052-2
USN-8074-1
USN-8074-2
USN-8126-1

Affected Products

Debian
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu