Netfilter Vulnerability in Linux Kernel Affecting Device Management
CVE-2025-38678
Key Information:
Badges
What is CVE-2025-38678?
In the Linux kernel, a flaw was identified in the netfilter subsystem that allows for chain and flowtable updates to include duplicated devices within the same transaction batch. When this occurs, the system fails to remove all instances of the duplicated device correctly, leaving one unregistered and potentially causing issues in processing netdev events. The vulnerability emphasizes the need for robust checks when handling device updates to prevent such conflicts, ensuring that transactions are clean and that all devices are properly registered and unregistered.
Affected Version(s)
Linux 78d9f48f7f44431a25da2b46b3a8812f6ff2b981 < 0521e694d5b80899fba8695881a6349f9bc538cb
Linux 78d9f48f7f44431a25da2b46b3a8812f6ff2b981 < 4681960bc0f4f8bcc782cbf2fd205f48ad314dfd
Linux 78d9f48f7f44431a25da2b46b3a8812f6ff2b981 < 4ce2a0c3b8497a66cfc25fc7ca3d087258a785d2
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.