Slab-use-after-free Vulnerability in Linux Kernel's TIPC Module
CVE-2025-38052

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
18 June 2025

What is CVE-2025-38052?

A slab-use-after-free vulnerability has been identified in the TIPC (Transparent Inter-Process Communication) module of the Linux kernel. This issue occurs when the system attempts to access memory that has already been freed, specifically during the encryption completion process in the tipc_aead_encrypt_done function. When a network namespace is deleted, if there are outstanding cryptographic operations relying on the already freed memory, this can result in undefined behavior and potential system instability. The flaw can be exploited under specific conditions, particularly if the simd_aead_encrypt operation is interrupted, causing the cryptd_queue_worker to reference the invalid memory. The vulnerability has been addressed by ensuring the appropriate reference count management for the network namespace before encrypting data.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux fc1b6d6de2208774efd2a20bf0daddb02d18b1e0

Linux fc1b6d6de2208774efd2a20bf0daddb02d18b1e0

Linux fc1b6d6de2208774efd2a20bf0daddb02d18b1e0

References

https://git.kernel.org/stable/c/d42ed4de6aba232d946d20653...
https://git.kernel.org/stable/c/f5c2c4eaaa5a8e7e0685ec031...
https://git.kernel.org/stable/c/b8fcae6d2e93c54cacb8f579a...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.