CVE-2025-38618
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-08-22

Last updated on: 2025-11-03

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: vsock: Do not allow binding to VMADDR_PORT_ANY It is possible for a vsock to autobind to VMADDR_PORT_ANY. This can cause a use-after-free when a connection is made to the bound socket. The socket returned by accept() also has port VMADDR_PORT_ANY but is not on the list of unbound sockets. Binding it will result in an extra refcount decrement similar to the one fixed in fcdd2242c023 (vsock: Keep the binding until socket destruction). Modify the check in __vsock_bind_connectible() to also prevent binding to VMADDR_PORT_ANY.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-08-22
Last Modified
2025-11-03
Generated
2026-06-16
AI Q&A
2025-08-22
EPSS Evaluated
2026-06-14
NVD
CVE-2025-38618
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
linux linux_kernel 5.10.244
linux linux_kernel 6.1.153
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability in the Linux kernel's vsock subsystem allows a socket to autobind to VMADDR_PORT_ANY, which can lead to a use-after-free error when a connection is made to that socket. The socket returned by accept() also has port VMADDR_PORT_ANY but is not properly tracked, so binding it can cause an extra reference count decrement, potentially leading to memory corruption or instability. The fix involves preventing binding to VMADDR_PORT_ANY to avoid this issue.

Impact Analysis

This vulnerability can cause use-after-free conditions in the Linux kernel, which may lead to memory corruption, system instability, crashes, or potentially allow an attacker to execute arbitrary code or cause denial of service on affected systems.

Mitigation Strategies

Update the Linux kernel to a version that includes the fix for this vulnerability, which prevents binding to VMADDR_PORT_ANY in vsock. This will avoid the use-after-free issue caused by autobinding to VMADDR_PORT_ANY.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-38618. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart