{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2025-38375","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2025-04-16T04:51:24.009Z","datePublished":"2025-07-25T12:53:17.629Z","dateUpdated":"2026-05-11T21:26:46.437Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2026-05-11T21:26:46.437Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nvirtio-net: ensure the received length does not exceed allocated size\n\nIn xdp_linearize_page, when reading the following buffers from the ring,\nwe forget to check the received length with the true allocate size. This\ncan lead to an out-of-bound read. This commit adds that missing check."}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/net/virtio_net.c"],"versions":[{"version":"4941d472bf95b4345d6e38906fcf354e74afa311","lessThan":"773e95c268b5d859f51f7547559734fd2a57660c","status":"affected","versionType":"git"},{"version":"4941d472bf95b4345d6e38906fcf354e74afa311","lessThan":"ddc8649d363141fb3371dd81a73e1cb4ef8ed1e1","status":"affected","versionType":"git"},{"version":"4941d472bf95b4345d6e38906fcf354e74afa311","lessThan":"982beb7582c193544eb9c6083937ec5ac1c9d651","status":"affected","versionType":"git"},{"version":"4941d472bf95b4345d6e38906fcf354e74afa311","lessThan":"6aca3dad2145e864dfe4d1060f45eb1bac75dd58","status":"affected","versionType":"git"},{"version":"4941d472bf95b4345d6e38906fcf354e74afa311","lessThan":"80b971be4c37a4d23a7f1abc5ff33dc7733d649b","status":"affected","versionType":"git"},{"version":"4941d472bf95b4345d6e38906fcf354e74afa311","lessThan":"bc68bc3563344ccdc57d1961457cdeecab8f81ef","status":"affected","versionType":"git"},{"version":"4941d472bf95b4345d6e38906fcf354e74afa311","lessThan":"11f2d0e8be2b5e784ac45fa3da226492c3e506d8","status":"affected","versionType":"git"},{"version":"4941d472bf95b4345d6e38906fcf354e74afa311","lessThan":"315dbdd7cdf6aa533829774caaf4d25f1fd20e73","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/net/virtio_net.c"],"versions":[{"version":"4.14","status":"affected"},{"version":"0","lessThan":"4.14","status":"unaffected","versionType":"semver"},{"version":"5.4.297","lessThanOrEqual":"5.4.*","status":"unaffected","versionType":"semver"},{"version":"5.10.241","lessThanOrEqual":"5.10.*","status":"unaffected","versionType":"semver"},{"version":"5.15.189","lessThanOrEqual":"5.15.*","status":"unaffected","versionType":"semver"},{"version":"6.1.144","lessThanOrEqual":"6.1.*","status":"unaffected","versionType":"semver"},{"version":"6.6.97","lessThanOrEqual":"6.6.*","status":"unaffected","versionType":"semver"},{"version":"6.12.37","lessThanOrEqual":"6.12.*","status":"unaffected","versionType":"semver"},{"version":"6.15.6","lessThanOrEqual":"6.15.*","status":"unaffected","versionType":"semver"},{"version":"6.16","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.14","versionEndExcluding":"5.4.297"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.14","versionEndExcluding":"5.10.241"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.14","versionEndExcluding":"5.15.189"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.14","versionEndExcluding":"6.1.144"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.14","versionEndExcluding":"6.6.97"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.14","versionEndExcluding":"6.12.37"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.14","versionEndExcluding":"6.15.6"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.14","versionEndExcluding":"6.16"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/773e95c268b5d859f51f7547559734fd2a57660c"},{"url":"https://git.kernel.org/stable/c/ddc8649d363141fb3371dd81a73e1cb4ef8ed1e1"},{"url":"https://git.kernel.org/stable/c/982beb7582c193544eb9c6083937ec5ac1c9d651"},{"url":"https://git.kernel.org/stable/c/6aca3dad2145e864dfe4d1060f45eb1bac75dd58"},{"url":"https://git.kernel.org/stable/c/80b971be4c37a4d23a7f1abc5ff33dc7733d649b"},{"url":"https://git.kernel.org/stable/c/bc68bc3563344ccdc57d1961457cdeecab8f81ef"},{"url":"https://git.kernel.org/stable/c/11f2d0e8be2b5e784ac45fa3da226492c3e506d8"},{"url":"https://git.kernel.org/stable/c/315dbdd7cdf6aa533829774caaf4d25f1fd20e73"}],"title":"virtio-net: ensure the received length does not exceed allocated size","x_generator":{"engine":"bippy-1.2.0"}},"adp":[{"title":"CVE Program Container","references":[{"url":"https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html"},{"url":"https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html"}],"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2025-11-03T17:37:12.435Z"}}]}}