Linux Kernel Vulnerability Affecting IPv4 Sockets Due to Insufficient Validation
CVE-2025-38147
What is CVE-2025-38147?
A vulnerability in the Linux kernel allows a NULL pointer dereference in the txopt_get() function when handling socket connections. The issue arises from inadequate validation in the netlbl_conn_setattr() function: it does not verify that the socket's address family matches that of the incoming connection request, potentially leading to crashes. The problem was identified when syzkaller tested an IPv6 address on an IPv4 socket, which showed that the necessary check is missing at an earlier stage of the connection process. Proper validation exists elsewhere in the code but has not been applied in all relevant areas, so a fix is needed.
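The missing check described above, shown as an added userspace model (not kernel code and not the upstream patch). Every `model_*` name, the `MODEL_WOULD_DEREF_NULL` marker and the returned error codes are assumptions made for illustration; the NULL dereference is reported as a return value instead of being performed.

```c
#include <errno.h>
#include <stddef.h>
#include <sys/socket.h>
#include <netinet/in.h>

/* Hypothetical userspace model; these are not the kernel's structures. */
struct model_v6_state { int txopt; };       /* stands in for per-socket IPv6 state */
struct model_sock {
    sa_family_t family;                     /* family the socket was created with */
    struct model_v6_state *v6;              /* NULL on an AF_INET socket */
};
#define MODEL_WOULD_DEREF_NULL (-1000)      /* constructed marker for the crash path */

/* IPv6 labelling step: it needs the socket's IPv6 state. */
static int model_v6_setattr(struct model_sock *sk)
{
    if (sk->v6 == NULL)
        return MODEL_WOULD_DEREF_NULL;      /* real code would fault on this pointer */
    sk->v6->txopt = 1;
    return 0;
}

/* Weak form: branches on the caller-supplied address family only. */
int model_conn_setattr_unchecked(struct model_sock *sk, const struct sockaddr *addr)
{
    switch (addr->sa_family) {
    case AF_INET:  return 0;
    case AF_INET6: return model_v6_setattr(sk);
    default:       return -EPROTONOSUPPORT; /* model-only choice */
    }
}

/* Hardened form: reject a family mismatch before any per-family code runs. */
int model_conn_setattr_checked(struct model_sock *sk, const struct sockaddr *addr)
{
    if (addr->sa_family != sk->family)
        return -EAFNOSUPPORT;               /* error code is an assumption */
    return model_conn_setattr_unchecked(sk, addr);
}

/* Constructed case: an IPv6 address presented to a socket of family sk_family. */
int model_connect_v6_addr(sa_family_t sk_family, int hardened)
{
    struct model_v6_state st = { 0 };
    struct model_sock sk = { sk_family, sk_family == AF_INET6 ? &st : NULL };
    struct sockaddr_in6 a6 = { .sin6_family = AF_INET6 };
    const struct sockaddr *addr = (const struct sockaddr *)&a6;
    return hardened ? model_conn_setattr_checked(&sk, addr)
                    : model_conn_setattr_unchecked(&sk, addr);
}
```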
Affected Version(s)
Linux ceba1832b1b2da0149c51de62a847c00bca1677a
Linux ceba1832b1b2da0149c51de62a847c00bca1677a < 0c813dbc851dbf418fdc6dc883fd0592d6c555cd
Linux ceba1832b1b2da0149c51de62a847c00bca1677a < 26ce90f1ce60b0ff587de8d6aec399aa55cab28e