Slab Out-of-Bounds Vulnerability in Linux Kernel Affecting Netfilter
CVE-2025-38639

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 22 August 2025

What is CVE-2025-38639?

A vulnerability has been identified in the Linux kernel related to the netfilter component, particularly in the xt_nfacct function. The flaw occurs due to incorrect handling of non-null input, leading to a slab out-of-bounds scenario. A specific input may provoke a read of unintended memory space, potentially resulting in erratic behavior or crashes. This oversight affects the error logging mechanism, which incorrectly assumes that account names are null-terminated, thus compromising the integrity of network filtering operations.

Affected Version(s)

Linux ceb98d03eac5704820f2ac1f370c9ff385e3a9f5

Linux ceb98d03eac5704820f2ac1f370c9ff385e3a9f5 < 58004aa21e79addaf41667bfe65e93ec51653f18

Linux ceb98d03eac5704820f2ac1f370c9ff385e3a9f5 < 7c1ae471da69c09242834e956218ea6a42dd405a

References

https://git.kernel.org/stable/c/e18939176e657a3a20bfbed35...

https://git.kernel.org/stable/c/58004aa21e79addaf41667bfe...

https://git.kernel.org/stable/c/7c1ae471da69c09242834e956...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 22, 2025
Vulnerability Reserved
Apr 16, 2025