SB2025072716 - Use-after-free in Linux kernel tipc
Published: July 27, 2025
Security Bulletin ID
SB2025072716
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Code execution
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Use-after-free (CVE-ID: CVE-2025-38464)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the tipc_topsrv_stop() function in net/tipc/topsrv.c. A local user can escalate privileges on the system.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/03dcdd2558e1e55bf843822fe4363dcb48743f2b
- https://git.kernel.org/stable/c/15a6f4971e2f157d57e09ea748d1fbc714277aa4
- https://git.kernel.org/stable/c/1dbf7cd2454a28b1da700085b99346b5445aeabb
- https://git.kernel.org/stable/c/3b89e17b2fd64012682bed158d9eb3d2e96dec42
- https://git.kernel.org/stable/c/50aa2d121bc2cfe2d825f8a331ea75dfaaab6a50
- https://git.kernel.org/stable/c/667eeab4999e981c96b447a4df5f20bdf5c26f13
- https://git.kernel.org/stable/c/be4b8392da7978294f2f368799d29dd509fb6c4d
- https://git.kernel.org/stable/c/dab8ded2e5ff41012a6ff400b44dbe76ccf3592a