SB2025082880 - Improper locking in Linux kernel netfilter
Published: August 28, 2025
Description
This security bulletin contains information about 1 security vulnerability.
1) Improper locking (CVE-ID: CVE-2025-38640)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the nf_hook_run_bpf() function in net/netfilter/nf_bpf_link.c.
Remediation
Install the update from the vendor's website.
References
- https://git.kernel.org/stable/c/0a356da16fb933abbeeb7aea038c351f3342cd3f
- https://git.kernel.org/stable/c/17ce3e5949bc37557305ad46316f41c7875d6366
- https://git.kernel.org/stable/c/62f6175d145e00fc999fd2fcbffad3f59253c66a
- https://git.kernel.org/stable/c/e0199c28167a8a4adec036005a8df268b2b68529
- https://git.kernel.org/stable/c/ee2502485702e4398cd74dbfb288bfa111d25e62