Linux Kernel Vulnerability in TCP Data Handling
CVE-2025-38463

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 25 July 2025

What is CVE-2025-38463?

A vulnerability in the Linux kernel's TCP data handling can lead to improper space calculations, risking memory overflow. When sending data, if a socket buffer (skb) exists at the tail of the write queue, faulty code checks for available space, leading to incorrect signedness in calculations. This flaw results in excessive values assigned to sk->sk_forward_alloc, which can overflow and potentially compromise system stability and security. Real-world exploitation may occur, emphasizing the importance of immediate updates to maintain protection.

Affected Version(s)

Linux 270a1c3de47e49dd2fc18f48e46b101e48050e78 < 81373cd1d72d87c7d844d4454a526b8f53e72d00

Linux 270a1c3de47e49dd2fc18f48e46b101e48050e78 < 62e6160cfb5514787bda833d466509edc38fde23

Linux 270a1c3de47e49dd2fc18f48e46b101e48050e78 < 9f164fa6bb09fbcc60fa5c3ff551ce9eec1befd7

References

https://git.kernel.org/stable/c/81373cd1d72d87c7d844d4454...

https://git.kernel.org/stable/c/62e6160cfb5514787bda833d4...

https://git.kernel.org/stable/c/9f164fa6bb09fbcc60fa5c3ff...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 25, 2025
Vulnerability Reserved
Apr 16, 2025