Linux Kernel Netfilter Vulnerability Affecting All Versions
CVE-2025-38201

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 4 July 2025

What is CVE-2025-38201?

A memory management vulnerability in the Linux kernel's netfilter component has been resolved to prevent potential issues when resizing hashtables. The flaw allows for a scenario where the maximum bucket size could exceed safe limits, leading to potential instability during runtime operations. Specifically, this occurs due to the lack of proper constraints on the bucket size, resulting in warnings when memory allocation misbehaves. The fix clamps the maximum map bucket size to INT_MAX, ensuring safer memory allocation practices and promoting system reliability.

Affected Version(s)

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 0ab3de047808f375a36cd345225572eb3366f3c6

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

References

https://git.kernel.org/stable/c/0ab3de047808f375a36cd3452...

https://git.kernel.org/stable/c/d2768016f091f8a5264076b43...

https://git.kernel.org/stable/c/b85e3367a5716ed3662a4fe26...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 4, 2025
Vulnerability Reserved
Apr 16, 2025