PT-2025-36003 · Linux+6 · Linux Kernel+6

Published

2025-08-12

·

Updated

2026-04-20

·

CVE-2025-38730

CVSS v3.1

7.8

High

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description The Linux kernel contains an issue where ring provided buffers in the networking context, specifically when MSG WAITALL is set or with streaming sockets, can be incorrectly retained across retries. This can lead to the use of invalid or shared memory, potentially resulting in data corruption in applications if multiple sockets utilize the same buffer group. The issue arises from failing to recycle or commit buffers on retry, leading to potential access of unallocated memory if the buffer ring is unregistered or shared between receives.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Memory Corruption

Improper Locking

Weakness Enumeration

CWE-787CWE-667

Related Identifiers

ALSA-2026:2212
ALSA-2026:2282
AZL-66830
BDU:2025-15190
CVE-2025-38730
DSA-6008-1
MGASA-2025-0234
MGASA-2025-0235
OESA-2026-1759
OESA-2026-1760
OESA-2026-1761
OPENSUSE-SU-2025:20081-1
RHSA-2026:2212
RHSA-2026:2282
RHSA-2026:2759
RHSA-2026:2766
RHSA-2026:3124
SUSE-SU-2025:03600-1
SUSE-SU-2025:03601-1
SUSE-SU-2025:03602-1
SUSE-SU-2025:03633-1
SUSE-SU-2025:03634-1
SUSE-SU-2025:20851-1
SUSE-SU-2025:20861-1
SUSE-SU-2025:20870-1
SUSE-SU-2025:20898-1
SUSE-SU-2025:21074-1
SUSE-SU-2025:21139-1
SUSE-SU-2025:21179-1
SUSE-SU-2025:3725-1
SUSE-SU-2025:3751-1
USN-8028-1
USN-8028-2
USN-8028-3
USN-8028-4
USN-8028-5
USN-8028-6
USN-8028-7
USN-8028-8
USN-8031-1
USN-8031-2
USN-8031-3
USN-8052-1
USN-8052-2
USN-8074-1
USN-8074-2
USN-8126-1

Affected Products

Astra Linux
Linuxmint
Linux Kernel
Red Os
Rocky Linux
Suse
Ubuntu