CVE-2025-38079
BaseFortify
Publication date: 2025-06-18
Last updated on: 2025-12-17
Assigner: kernel.org
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | From 2.6.38 (inc) to 5.4.294 (exc) |
| linux | linux_kernel | From 5.5 (inc) to 5.10.238 (exc) |
| linux | linux_kernel | From 5.11 (inc) to 5.15.185 (exc) |
| linux | linux_kernel | From 5.16 (inc) to 6.1.141 (exc) |
| linux | linux_kernel | From 6.2 (inc) to 6.6.93 (exc) |
| linux | linux_kernel | From 6.7 (inc) to 6.12.31 (exc) |
| linux | linux_kernel | From 6.13 (inc) to 6.14.9 (exc) |
| linux | linux_kernel | 6.15 |
| linux | linux_kernel | 6.15 |
| linux | linux_kernel | 6.15 |
| linux | linux_kernel | 6.15 |
| linux | linux_kernel | 6.15 |
| linux | linux_kernel | 6.15 |
| linux | linux_kernel | 6.15 |
| debian | debian_linux | 11.0 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-415 | The product calls free() twice on the same memory address. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a double free issue in the Linux kernel's crypto subsystem, specifically in the algif_hash module. When the accept(2) system call is used on a socket of type algif_hash with the MSG_MORE flag set, and the function crypto_ahash_import fails, an internal object (sk2) is freed twice. This double free leads to a slab-use-after-free error, which can cause memory corruption or crashes.
How can this vulnerability impact me? :
The double free and subsequent use-after-free error can lead to memory corruption in the kernel, potentially causing system instability, crashes, or allowing an attacker to execute arbitrary code with kernel privileges. This can compromise the security and reliability of the affected system.