CVE-2025-38006

In the Linux kernel, the following vulnerability has been resolved: net: mctp: Don't access ifa_index when missing In mctp_dump_addrinfo, ifa_index can be used to filter interfaces, but only when the struct ifaddrmsg is provided. Otherwise it will be comparing to uninitialised memory - reproducible in the syzkaller case from dhcpd, or busybox "ip addr show". The kernel MCTP implementation has always filtered by ifa_index, so existing userspace programs expecting to dump MCTP addresses must already be passing a valid ifa_index value (either 0 or a real index). BUG: KMSAN: uninit-value in mctp_dump_addrinfo+0x208/0xac0 net/mctp/device.c:128 mctp_dump_addrinfo+0x208/0xac0 net/mctp/device.c:128 rtnl_dump_all+0x3ec/0x5b0 net/core/rtnetlink.c:4380 rtnl_dumpit+0xd5/0x2f0 net/core/rtnetlink.c:6824 netlink_dump+0x97b/0x1690 net/netlink/af_netlink.c:2309

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/24fa213dffa470166ec014f979f36c6ff44afb45	Patch
https://git.kernel.org/stable/c/acab78ae12c7fefb4f3bfe22e00770a5faa42724	Patch
https://git.kernel.org/stable/c/d4d1561d17eb72908e4489c0900d96e0484fac20	Patch
https://git.kernel.org/stable/c/f11cf946c0a92c560a890d68e4775723353599e1	Patch

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel:6.15:rc1::::::
	cpe:2.3:o:linux:linux_kernel:6.15:rc2::::::
	cpe:2.3:o:linux:linux_kernel:6.15:rc3::::::
	cpe:2.3:o:linux:linux_kernel:6.15:rc4::::::
	cpe:2.3:o:linux:linux_kernel:6.15:rc5::::::
	cpe:2.3:o:linux:linux_kernel:6.15:rc6::::::

History

14 Nov 2025, 16:42

Type	Values Removed	Values Added
CWE		CWE-908
CPE		cpe:2.3:o:linux:linux_kernel:6.15:rc5:::::: cpe:2.3:o:linux:linux_kernel:6.15:rc1:::::: cpe:2.3:o:linux:linux_kernel:6.15:rc3:::::: cpe:2.3:o:linux:linux_kernel:6.15:rc4:::::: cpe:2.3:o:linux:linux_kernel:::::::: cpe:2.3:o:linux:linux_kernel:6.15:rc6:::::: cpe:2.3:o:linux:linux_kernel:6.15:rc2::::::
First Time		Linux linux Kernel Linux
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 5.5
References	~~() https://git.kernel.org/stable/c/24fa213dffa470166ec014f979f36c6ff44afb45 -~~	() https://git.kernel.org/stable/c/24fa213dffa470166ec014f979f36c6ff44afb45 - Patch
References	~~() https://git.kernel.org/stable/c/acab78ae12c7fefb4f3bfe22e00770a5faa42724 -~~	() https://git.kernel.org/stable/c/acab78ae12c7fefb4f3bfe22e00770a5faa42724 - Patch
References	~~() https://git.kernel.org/stable/c/d4d1561d17eb72908e4489c0900d96e0484fac20 -~~	() https://git.kernel.org/stable/c/d4d1561d17eb72908e4489c0900d96e0484fac20 - Patch
References	~~() https://git.kernel.org/stable/c/f11cf946c0a92c560a890d68e4775723353599e1 -~~	() https://git.kernel.org/stable/c/f11cf946c0a92c560a890d68e4775723353599e1 - Patch

Information

Published : 2025-06-18 10:15

Updated : 2025-11-14 16:42

NVD link : CVE-2025-38006

Mitre link : CVE-2025-38006

CVE.ORG link : CVE-2025-38006

JSON object : View

Products Affected

linux

linux_kernel

CWE

CWE-908

Use of Uninitialized Resource

5.5 /10