Out-of-Bound Read Vulnerability in Linux Kernel's virtio-net
CVE-2025-38375

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
25 July 2025

What is CVE-2025-38375?

A critical vulnerability exists in the Linux kernel's virtio-net component due to insufficient validation of received buffer lengths compared to allocated sizes. This oversight can lead to out-of-bounds reads during the processing of network data, potentially exposing sensitive information or allowing attackers to exploit system memory. A recent commit addresses this vulnerability by adding necessary checks to ensure received lengths do not exceed the allocated sizes.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux 4941d472bf95b4345d6e38906fcf354e74afa311 < 773e95c268b5d859f51f7547559734fd2a57660c

Linux 4941d472bf95b4345d6e38906fcf354e74afa311

Linux 4941d472bf95b4345d6e38906fcf354e74afa311 < 982beb7582c193544eb9c6083937ec5ac1c9d651

References

https://git.kernel.org/stable/c/773e95c268b5d859f51f75475...
https://git.kernel.org/stable/c/ddc8649d363141fb3371dd81a...
https://git.kernel.org/stable/c/982beb7582c193544eb9c6083...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.