TLS Vulnerability in Linux Kernel Affecting Data Transmission
CVE-2025-38471

Currently unrated

Key Information:

Vendor: Linux

Status
Vendor
CVE Published: 28 July 2025

What is CVE-2025-38471?

A vulnerability has been identified in the Linux kernel's TLS implementation that could lead to use-after-free errors during data transmission. The issue arises when the queue is not accurately refreshed upon reading, so the code may operate on outdated socket buffers (skbs). The flaw was exposed by recent enhancements to TCP that aggressively compact skbs. Incorrect handling of skbs is a security risk that exposes systems to potential exploitation. It is critical that administrators apply the patches or updates addressing this issue to maintain a secure environment.

Affected Version(s)

Linux 0d87bbd39d7fd1135ab9eca672d760470f6508e8 < 730fed2ff5e259495712518e18d9f521f61972bb

Linux 0d87bbd39d7fd1135ab9eca672d760470f6508e8 < 1f3a429c21e0e43e8b8c55d30701e91411a4df02

Linux 0d87bbd39d7fd1135ab9eca672d760470f6508e8

Timeline

  • Vulnerability published

  • Vulnerability Reserved
