Denial of Service Vulnerability in Linux Kernel Affects Multiple Devices
CVE-2025-38402

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 25 July 2025

What is CVE-2025-38402?

A vulnerability in the Linux kernel arises from improper handling of Return Size Specification (RSS) keys. Devices lacking support for RSS capabilities may encounter issues when the command 'ethtool -x eth0' is executed, potentially causing failures in memory allocation. This occurs due to the function returning an unsupported error size, leading to inefficiencies and instability across the affected systems.

Affected Version(s)

Linux 02cbfba1add5bd9088c7d14c6b93b77a6ea8f3bb < 018ff57fd79c38be989b8b3248bbe69bcfb77160

Linux 02cbfba1add5bd9088c7d14c6b93b77a6ea8f3bb < 326e384ee7acbebf0541ac064ac7a4dd1f1dde1d

Linux 02cbfba1add5bd9088c7d14c6b93b77a6ea8f3bb

References

https://git.kernel.org/stable/c/018ff57fd79c38be989b8b324...

https://git.kernel.org/stable/c/326e384ee7acbebf0541ac064...

https://git.kernel.org/stable/c/f77bf1ebf8ff6301ccdbc346f...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 25, 2025
Vulnerability Reserved
Apr 16, 2025