Linux Kernel BPF Vulnerability in Network Filtering
CVE-2025-38640

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
22 August 2025

What is CVE-2025-38640?

The Linux kernel has a vulnerability that affects the execution of BPF (Berkeley Packet Filter) programs within the netfilter framework. This issue arises when the netfilter BPF program is executed without the migration being properly disabled in the transmission path, leading to assertion failures in the processing of BPF programs. This flaw may potentially allow for unexpected behaviors or crashes, impacting network reliability and security.

Affected Version(s)

Linux fd9c663b9ad67dedfc9a3fd3429ddd3e83782b4d

Linux fd9c663b9ad67dedfc9a3fd3429ddd3e83782b4d < 62f6175d145e00fc999fd2fcbffad3f59253c66a

Linux fd9c663b9ad67dedfc9a3fd3429ddd3e83782b4d

References

https://git.kernel.org/stable/c/ee2502485702e4398cd74dbfb...
https://git.kernel.org/stable/c/62f6175d145e00fc999fd2fcb...
https://git.kernel.org/stable/c/e0199c28167a8a4adec036005...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2025-38640 : Linux Kernel BPF Vulnerability in Network Filtering