PT-2025-33770 · Linux+7 · Linux Kernel+7
Scott
·
Published
2025-07-31
·
Updated
2026-04-20
·
CVE-2025-38571
CVSS v2.0
7.6
High
| Vector | AV:N/AC:H/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions:
Linux kernel (affected versions not specified)
Description:
A security issue was identified in NFS over TLS within the
tls alert recv function. The vulnerability stems from an incorrect assumption regarding the validity of data within the message header's iterator's kvec. The issue is addressed by reworking the setup and usage of control messages within sock recvmsg(). Specifically, the kTLS layer may encounter TLS control messages and return an error, which is then handled by NFS to read in the control message, such as a TLS alert. The patch reverts the iterator before calling into the tls alert recv function to prevent issues with the kvec pointer advancement during the copy process.Recommendations:
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Use After Free
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Almalinux
Astra Linux
Linuxmint
Linux Kernel
Red Hat
Red Os
Suse
Ubuntu