๐Ÿ” CVE Alert

CVE-2025-38574

UNKNOWN 0.0

pptp: ensure minimal skb length in pptp_xmit()

CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th

In the Linux kernel, the following vulnerability has been resolved: pptp: ensure minimal skb length in pptp_xmit() Commit aabc6596ffb3 ("net: ppp: Add bound checking for skb data on ppp_sync_txmung") fixed ppp_sync_txmunge() We need a similar fix in pptp_xmit(), otherwise we might read uninit data as reported by syzbot. BUG: KMSAN: uninit-value in pptp_xmit+0xc34/0x2720 drivers/net/ppp/pptp.c:193 pptp_xmit+0xc34/0x2720 drivers/net/ppp/pptp.c:193 ppp_channel_bridge_input drivers/net/ppp/ppp_generic.c:2290 [inline] ppp_input+0x1d6/0xe60 drivers/net/ppp/ppp_generic.c:2314 pppoe_rcv_core+0x1e8/0x760 drivers/net/ppp/pppoe.c:379 sk_backlog_rcv+0x142/0x420 include/net/sock.h:1148 __release_sock+0x1d3/0x330 net/core/sock.c:3213 release_sock+0x6b/0x270 net/core/sock.c:3767 pppoe_sendmsg+0x15d/0xcb0 drivers/net/ppp/pppoe.c:904 sock_sendmsg_nosec net/socket.c:712 [inline] __sock_sendmsg+0x330/0x3d0 net/socket.c:727 ____sys_sendmsg+0x893/0xd80 net/socket.c:2566 ___sys_sendmsg+0x271/0x3b0 net/socket.c:2620 __sys_sendmmsg+0x2d9/0x7c0 net/socket.c:2709

Vendor linux
Product linux
Ecosystems
Industries
Technology
Published Aug 19, 2025
Last Updated May 11, 2026
Stay Ahead of the Next One

Get instant alerts for linux linux

Be the first to know when new unknown vulnerabilities affecting linux linux are published โ€” delivered to Slack, Telegram or Discord.

Get Free Alerts โ†’ Free ยท No credit card ยท 60 sec setup

Affected Versions

Linux / Linux
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 97b8c5d322c5c0038cac4bc56fdbe237d0be426f 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 26672f1679b143aa34fca0b6046b7fd0c184770d 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 5de7513f38f3c19c0610294ee478242bea356f8c 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 504cc4ab91073d2ac7404ad146139f86ecee7193 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 5005d24377378a20e5c0e53052fc4ebdcdcbc611 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < ea99b88b1999ebcb24d5d3a6b7910030f40d3bba 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < b7dcda76fd0615c0599c89f36873a6cd48e02dbb 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 1a04db0fd75cb6034fc27a56b67b3b8b9022a98c 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < de9c4861fb42f0cd72da844c3c34f692d5895b7b
Linux / Linux
2.6.12

References

NVD โ†— CVE.org โ†— EPSS Data โ†—
git.kernel.org: https://git.kernel.org/stable/c/97b8c5d322c5c0038cac4bc56fdbe237d0be426f git.kernel.org: https://git.kernel.org/stable/c/26672f1679b143aa34fca0b6046b7fd0c184770d git.kernel.org: https://git.kernel.org/stable/c/5de7513f38f3c19c0610294ee478242bea356f8c git.kernel.org: https://git.kernel.org/stable/c/504cc4ab91073d2ac7404ad146139f86ecee7193 git.kernel.org: https://git.kernel.org/stable/c/5005d24377378a20e5c0e53052fc4ebdcdcbc611 git.kernel.org: https://git.kernel.org/stable/c/ea99b88b1999ebcb24d5d3a6b7910030f40d3bba git.kernel.org: https://git.kernel.org/stable/c/b7dcda76fd0615c0599c89f36873a6cd48e02dbb git.kernel.org: https://git.kernel.org/stable/c/1a04db0fd75cb6034fc27a56b67b3b8b9022a98c git.kernel.org: https://git.kernel.org/stable/c/de9c4861fb42f0cd72da844c3c34f692d5895b7b lists.debian.org: https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html lists.debian.org: https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html