Double Free Vulnerability in Linux Kernel Affecting Socket Type algif_hash
CVE-2025-38079
Currently unrated
What is CVE-2025-38079?
A double free vulnerability exists in the Linux kernel's handling of the algif_hash socket type, specifically during the accept(2) call with the MSG_MORE flag. When crypto_ahash_import fails, the memory allocated for sk2 is incorrectly freed. Consequently, a second attempt to free this memory by af_alg_release can lead to a slab-use-after-free condition, posing risks of memory corruption and potential execution of arbitrary code.
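The ownership error described above, as an added userspace model in C (not kernel code and not part of the original entry). The struct, the function names and the release_on_error switch are hypothetical, and the variant that leaves cleanup to the release path is an assumed correction, not the actual patch.

```c
#include <stdio.h>
#include <stdbool.h>

/* Constructed userspace model; names are hypothetical, not kernel code.
 * "releases" counts frees instead of calling free(), so the double
 * release is observable without undefined behaviour. */
struct model_sock { int releases; };

static void model_release(struct model_sock *sk) { sk->releases++; }

/* Stand-in for crypto_ahash_import(): returns nonzero on failure. */
static int model_import(bool fail) { return fail ? -1 : 0; }

/* Accept handler. With release_on_error set it mirrors the flaw described
 * above: the handler frees the child socket itself when import fails. */
static int model_accept(struct model_sock *sk2, bool import_fails,
                        bool release_on_error)
{
    int err = model_import(import_fails);
    if (err && release_on_error)
        model_release(sk2);      /* first free, in the error path */
    return err;
}

/* Caller: on an accept error the generic release path (af_alg_release in
 * the description) frees the child. Returns how often it was freed. */
static int run_accept(bool import_fails, bool release_on_error)
{
    struct model_sock sk2 = { 0 };
    if (model_accept(&sk2, import_fails, release_on_error) != 0)
        model_release(&sk2);     /* owner's cleanup, second free if flawed */
    return sk2.releases;
}

int main(void)
{
    printf("flawed handler, import fails: %d releases\n",
           run_accept(true, true));
    printf("single-owner handler, import fails: %d releases\n",
           run_accept(true, false));
    printf("import succeeds: %d releases\n", run_accept(false, true));
    return 0;
}
```

A release count above one on the failure path is the double free; the single-owner variant keeps exactly one release per object.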
Affected Version(s)
Linux fe869cdb89c95d060c77eea20204d6c91f233b53 < 5bff312b59b3f2a54ff504e4f4e47272b64f3633
Linux fe869cdb89c95d060c77eea20204d6c91f233b53
Linux fe869cdb89c95d060c77eea20204d6c91f233b53