CVE-2025-38375

UNKNOWN 0.0

virtio-net: ensure the received length does not exceed allocated size

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

In the Linux kernel, the following vulnerability has been resolved: virtio-net: ensure the received length does not exceed allocated size In xdp_linearize_page, when reading the following buffers from the ring, we forget to check the received length with the true allocate size. This can lead to an out-of-bound read. This commit adds that missing check.

Vendor	linux
Product	linux
Ecosystems	Linux Kernel
Industries	Technology
Published	Jul 25, 2025
Last Updated	May 11, 2026

Stay Ahead of the Next One

Get instant alerts for linux linux

Be the first to know when new unknown vulnerabilities affecting linux linux are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Linux / Linux

4941d472bf95b4345d6e38906fcf354e74afa311 < 773e95c268b5d859f51f7547559734fd2a57660c 4941d472bf95b4345d6e38906fcf354e74afa311 < ddc8649d363141fb3371dd81a73e1cb4ef8ed1e1 4941d472bf95b4345d6e38906fcf354e74afa311 < 982beb7582c193544eb9c6083937ec5ac1c9d651 4941d472bf95b4345d6e38906fcf354e74afa311 < 6aca3dad2145e864dfe4d1060f45eb1bac75dd58 4941d472bf95b4345d6e38906fcf354e74afa311 < 80b971be4c37a4d23a7f1abc5ff33dc7733d649b 4941d472bf95b4345d6e38906fcf354e74afa311 < bc68bc3563344ccdc57d1961457cdeecab8f81ef 4941d472bf95b4345d6e38906fcf354e74afa311 < 11f2d0e8be2b5e784ac45fa3da226492c3e506d8 4941d472bf95b4345d6e38906fcf354e74afa311 < 315dbdd7cdf6aa533829774caaf4d25f1fd20e73

Linux / Linux

4.14

References

NVD ↗ CVE.org ↗ EPSS Data ↗