Netfilter Vulnerability in Linux Kernel Affecting Device Management
CVE-2025-38678
Currently unrated
What is CVE-2025-38678?
In the Linux kernel's netfilter subsystem, a chain or flowtable update could include the same device more than once within a single transaction batch. When this occurs, the system fails to remove all instances of the duplicated device correctly, leaving one unregistered and potentially causing issues in processing netdev events. The flaw shows why device updates need robust duplicate checks: every transaction should be clean, with all devices properly registered and unregistered.
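A simplified user-space model of the duplicate-device problem described above, added here as an illustration; it is not kernel code. The names (`hook_list`, `add_checked`, `on_device_gone`) are hypothetical, and the model assumes the removal path handles only the first matching entry and that a rejected update aborts the whole batch.

```c
#include <stdio.h>
#include <string.h>
#define MAX_HOOKS 8
struct hook_list { const char *dev[MAX_HOOKS]; int n; };  /* hypothetical model */

/* Index of the first entry naming dev, or -1 if there is none. */
static int find_first(const struct hook_list *l, const char *dev)
{
    for (int i = 0; i < l->n; i++)
        if (strcmp(l->dev[i], dev) == 0)
            return i;
    return -1;
}

/* Unchecked update: appends the device even if the batch already has it. */
static int add_unchecked(struct hook_list *l, const char *dev)
{
    return l->n < MAX_HOOKS ? (l->dev[l->n++] = dev, 0) : -1;
}

/* Checked update: rejects a device that is already in the batch. */
static int add_checked(struct hook_list *l, const char *dev)
{
    return find_first(l, dev) >= 0 ? -1 : add_unchecked(l, dev);
}

/* Device-removal event (assumed behaviour): drops the first match only. */
static void on_device_gone(struct hook_list *l, const char *dev)
{
    int i = find_first(l, dev);
    if (i >= 0)
        l->dev[i] = l->dev[--l->n];   /* swap-remove; order is irrelevant */
}

/* Apply a constructed batch, fire the event, report a surviving eth0 entry. */
static int stale_after_event(int (*add)(struct hook_list *, const char *))
{
    const char *batch[] = { "eth0", "eth1", "eth0" };  /* constructed input */
    struct hook_list l = { .n = 0 };
    for (int i = 0; i < 3; i++)
        if (add(&l, batch[i]) < 0) { l.n = 0; break; }  /* abort the batch */
    on_device_gone(&l, "eth0");
    return find_first(&l, "eth0") >= 0;  /* 1 if a stale entry survives */
}

int main(void)
{
    printf("stale entry: unchecked=%d checked=%d\n",
           stale_after_event(add_unchecked), stale_after_event(add_checked));
    return 0;
}
```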
Affected Version(s)
Linux 78d9f48f7f44431a25da2b46b3a8812f6ff2b981
Linux 5.8