PT-2025-31068 · Linux+8 · Linux Kernel+8

Published

2025-07-16

·

Updated

2026-04-20

·

CVE-2025-38471

CVSS v3.1

7.8

High

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.16.0-rc5-virtme
Description The Linux kernel contains a flaw related to TLS socket buffer handling. Recent changes in TCP compaction exposed a bug where the system might operate on outdated socket buffers when verifying the decrypt state and geometry of records in the queue. This can lead to a use-after-free condition, potentially resulting in system instability.
Recommendations Update to Linux kernel version 6.16.0-rc5-virtme or later.

Exploit

Fix

Use After Free

Weakness Enumeration

CWE-416

Related Identifiers

ALSA-2025:13962
ALSA-2025:14009
AZL-65949
BDU:2025-10796
CVE-2025-38471
DLA-4328-1
DSA-5973-1
DSA-5975-1
ECHO-A3D0-D32E-623B
INFSA-2025_13962
MGASA-2025-0218
MGASA-2025-0219
OESA-2025-1959
OESA-2025-1960
OESA-2025-1961
RHSA-2025:13962
RHSA-2025:14003
RHSA-2025:14005
RHSA-2025:14009
RHSA-2025:14082
RHSA-2025:14497
RHSA-2025:14599
RHSA-2025:14811
RHSA-2025_13962
SUSE-SU-2025:02853-1
SUSE-SU-2025:02923-1
SUSE-SU-2025:02969-1
SUSE-SU-2025:02996-1
SUSE-SU-2025:02997-1
SUSE-SU-2025:03011-1
SUSE-SU-2025:03023-1
SUSE-SU-2025:03636-1
SUSE-SU-2025:03638-1
SUSE-SU-2025:03646-1
SUSE-SU-2025:03650-1
SUSE-SU-2025:20577-1
SUSE-SU-2025:20586-1
SUSE-SU-2025:20601-1
SUSE-SU-2025:20602-1
SUSE-SU-2025:20873-1
SUSE-SU-2025:20874-1
SUSE-SU-2025:20875-1
SUSE-SU-2025:20876-1
SUSE-SU-2025:20877-1
SUSE-SU-2025:20878-1
SUSE-SU-2025:20879-1
SUSE-SU-2025:20881-1
SUSE-SU-2025:20882-1
SUSE-SU-2025:20883-1
SUSE-SU-2025:20884-1
SUSE-SU-2025:20885-1
SUSE-SU-2025:20886-1
SUSE-SU-2025:20887-1
SUSE-SU-2025:20888-1
SUSE-SU-2025:20890-1
SUSE-SU-2025:20891-1
SUSE-SU-2025:20902-1
SUSE-SU-2025:20903-1
SUSE-SU-2025:20904-1
SUSE-SU-2025:20905-1
SUSE-SU-2025:20906-1
SUSE-SU-2025:20907-1
SUSE-SU-2025:20909-1
SUSE-SU-2025:20912-1
SUSE-SU-2025:20913-1
SUSE-SU-2025:20914-1
SUSE-SU-2025:20915-1
SUSE-SU-2025:20916-1
SUSE-SU-2025:20917-1
SUSE-SU-2025:20918-1
SUSE-SU-2025:20920-1
SUSE-SU-2025:3742-1
SUSE-SU-2025:3748-1
SUSE-SU-2025:3755-1
SUSE-SU-2025:3762-1
SUSE-SU-2025:3764-1
SUSE-SU-2025:3765-1
SUSE-SU-2025:3768-1
SUSE-SU-2025:3771-1
SUSE-SU-2025:3772-1
SUSE-SU-2025_02853-1
SUSE-SU-2025_02969-1
SUSE-SU-2025_02996-1
SUSE-SU-2025_02997-1
SUSE-SU-2025_03011-1
SUSE-SU-2025_03023-1
USN-7879-1
USN-7879-2
USN-7879-3
USN-7879-4
USN-7880-1
USN-7934-1
USN-8028-1
USN-8028-2
USN-8028-3
USN-8028-4
USN-8028-5
USN-8028-6
USN-8028-7
USN-8028-8
USN-8031-1
USN-8031-2
USN-8031-3
USN-8052-1
USN-8052-2
USN-8074-1
USN-8074-2
USN-8126-1

Affected Products

Almalinux
Astra Linux
Debian
Linuxmint
Linux Kernel
Red Hat
Red Os
Suse
Ubuntu