Memory Management Issue in Linux Kernel Affecting Socket Services
CVE-2025-38514

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
16 August 2025

What is CVE-2025-38514?

This vulnerability exists within the Linux kernel and affects AF_RXRPC service sockets where, if calls are preallocated and there is no rxrpc_backlog structure, it may lead to system crashes. Specifically, if an AF_RXRPC socket is opened and bound, the function rxrpc_alloc_incoming_call() fails when it tries to reference a non-existent backlog structure. The resolution involves returning NULL in such cases to prevent incoming calls from being mishandled, thereby ensuring system stability.

Affected Version(s)

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

References

https://git.kernel.org/stable/c/bf0ca6a1bc4fb904b598137c6...
https://git.kernel.org/stable/c/f7afb3ff01c42c49e8a143cdc...
https://git.kernel.org/stable/c/f5e72b7824d08c206ce106d30...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2025-38514 : Memory Management Issue in Linux Kernel Affecting Socket Services