Description

In the Linux kernel, the following vulnerability has been resolved: xfrm: state: initialize state_ptrs earlier in xfrm_state_find In case of preemption, xfrm_state_look_at will find a different pcpu_id and look up states for that other CPU. If we matched a state for CPU2 in the state_cache while the lookup started on CPU1, we will jump to "found", but the "best" state that we got will be ignored and we will enter the "acquire" block. This block uses state_ptrs, which isn't initialized at this point. Let's initialize state_ptrs just after taking rcu_read_lock. This will also prevent a possible misuse in the future, if someone adjusts this function.

INFO

Published Date :

2025-08-22T16:04:12.688Z

Last Modified :

2026-01-11T16:29:22.708Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2025-38675 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-38675.

URL Resource
https://git.kernel.org/stable/c/463562f9591742be62ddde3b426a0533ed496955 cve-icon cve-icon
https://git.kernel.org/stable/c/6bf2daafc51bcb9272c0fdff2afd38217337d0d3 cve-icon cve-icon
https://git.kernel.org/stable/c/94d077c331730510d5611b438640a292097341f0 cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2025082205-CVE-2025-38675-5eac@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2025-38675 cve-icon
https://www.cve.org/CVERecord?id=CVE-2025-38675 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact