Use-After-Free Vulnerability in Linux Kernel Affecting IPv6 RPL Component
CVE-2025-38476

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
28 July 2025

What is CVE-2025-38476?

A critical use-after-free vulnerability has been identified in the IPv6 RPL component of the Linux Kernel. The flaw occurs in the function rpl_do_srh_inline(), where it attempts to access an IPv6 header after the associated socket buffer may have been freed, leading to potential exploitation scenarios. This vulnerability can affect the stability of the system, resulting in erroneous behavior when handling network packets. To mitigate this risk, a fix has been implemented by converting the header into a local structure rather than a pointer, ensuring proper memory management and enhancing system reliability.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux a7a29f9c361f8542604ef959ae6627f423b7a412

Linux a7a29f9c361f8542604ef959ae6627f423b7a412 < 8ba6c2362b85089b8972ac5f20b24fc71a4b8ffc

Linux a7a29f9c361f8542604ef959ae6627f423b7a412

References

https://git.kernel.org/stable/c/c09e21dfc08d8afb92d9ea3be...
https://git.kernel.org/stable/c/8ba6c2362b85089b8972ac5f2...
https://git.kernel.org/stable/c/e8101506ab86dd78f823b7028...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.