CVE-2025-38465

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The Linux kernel contains a flaw in its netlink implementation related to memory allocation tracking. Specifically, the sk->sk rmem alloc variable can experience wraparounds, potentially leading to excessive memory consumption and ultimately, an out-of-memory (OOM) condition. This occurs when a large receive buffer size (SO RCVBUFFORCE) is set, causing the comparison in the memory allocation check to be inaccurate due to integer overflow. The issue arises from the use of signed integers in the atomic addition operation, allowing a single socket to allocate an excessive number of skb structures.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.