Linux Kernel NULL Dereference Vulnerability in ATM Clip Driver
CVE-2025-38251

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
9 July 2025

What is CVE-2025-38251?

A vulnerability in the ATM clip driver of the Linux kernel allows a NULL dereference, potentially causing system crashes. This issue arises when the function clip_push() is called with a NULL socket buffer, leading to a failure in reading skb->truesize if the device list is also NULL. The flaw has been addressed in recent commits, ensuring enhanced stability and performance in handling ATM devices.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux 93a2014afbace907178afc3c9c1e62c9a338595a < 41f6420ee845006354c004839fed07da71e34aee

Linux 93a2014afbace907178afc3c9c1e62c9a338595a < 9199e8cb75f13a1650adcb3c6cad42789c43884e

Linux 93a2014afbace907178afc3c9c1e62c9a338595a < 88c88f91f4b3563956bb52e7a71a3640f7ece157

References

https://git.kernel.org/stable/c/41f6420ee845006354c004839...
https://git.kernel.org/stable/c/9199e8cb75f13a1650adcb3c6...
https://git.kernel.org/stable/c/88c88f91f4b3563956bb52e7a...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.