SB2025082855 - Out-of-bounds read in Linux kernel netfilter
Published: August 28, 2025
Security Bulletin ID
SB2025082855
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Out-of-bounds read (CVE-ID: CVE-2025-38639)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the nfacct_mt_checkentry() function in net/netfilter/xt_nfacct.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/58004aa21e79addaf41667bfe65e93ec51653f18
- https://git.kernel.org/stable/c/58007fc7b94fb2702000045ff401eb7f5bde7828
- https://git.kernel.org/stable/c/7c1ae471da69c09242834e956218ea6a42dd405a
- https://git.kernel.org/stable/c/bf58e667af7d96c8eb9411f926a0a0955f41ce21
- https://git.kernel.org/stable/c/df13c9c6ce1d55c31d1bd49db65a7fbbd86aab13
- https://git.kernel.org/stable/c/e18939176e657a3a20bfbed357b8c55a9f82aba3