Netfilter Vulnerability in Linux Kernel Affecting Device Management
CVE-2025-38678

Currently unrated

Key Information:

Vendor

Linux

Status
Vendor
CVE Published:
3 September 2025

Badges

👾 Exploit Exists
🟡 Public PoC

What is CVE-2025-38678?

In the Linux kernel, a flaw was identified in the netfilter subsystem that allows for chain and flowtable updates to include duplicated devices within the same transaction batch. When this occurs, the system fails to remove all instances of the duplicated device correctly, leaving one unregistered and potentially causing issues in processing netdev events. The vulnerability emphasizes the need for robust checks when handling device updates to prevent such conflicts, ensuring that transactions are clean and that all devices are properly registered and unregistered.

Affected Version(s)

Linux 78d9f48f7f44431a25da2b46b3a8812f6ff2b981 < 3f358a66a04513311668ea4b40f5064e253d8386

Linux 78d9f48f7f44431a25da2b46b3a8812f6ff2b981


Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate that the vulnerability can be exploited. PoC code is also a key component of weaponization, which could lead to ransomware.

Timeline

  • 🟡 Public PoC available

  • 👾 Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved
