PT-2025-33588 · Linux+5 · Linux Kernel+5

Published

2025-07-10

Updated

2026-03-23

CVE-2025-38545

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified)

Description: A flaw exists in the Linux kernel related to memory allocation for the skb shared info member of an skb (socket buffer) during the transition from netdev alloc ip align() to build skb(). Insufficient memory was allocated for skb shared info, leading to a potential issue. The fix involves allocating PAGE SIZE as the skb length, correctly accounting for packet length, headroom, and tailroom to include the necessary memory space for skb shared info.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Memory Leak

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-909CWE-401

Related Identifiers

BDU:2025-15807

CVE-2025-38545

OPENSUSE-SU-2025:20081-1

SUSE-SU-2025:21074-1

SUSE-SU-2025:21139-1

SUSE-SU-2025:21179-1

USN-7879-1

USN-7879-2

USN-7879-3

USN-7879-4

USN-7880-1

USN-7934-1

Affected Products

Astra Linux

Linuxmint

Linux Kernel

Red Os

Suse

Ubuntu

PT-2025-33588 · Linux+5 · Linux Kernel+5

CVE-2025-38545

Weakness Enumeration

Related Identifiers

Affected Products

References · 1488