CVE-2025-38460
MEDIUM EPSS 5.8%
Published Jul 25, 202511mo ago · Modified Jun 17, 20261w ago
5.5 CVSS 3.1
Published Jul 25, 2025 11mo ago
Last Modified Jun 17, 2026 1w ago
Description
In the Linux kernel, the following vulnerability has been resolved: atm: clip: Fix potential null-ptr-deref in to_atmarpd(). atmarpd is protected by RTNL since commit f3a0592b37b8 ("[ATM]: clip causes unregister hang"). However, it is not enough because to_atmarpd() is called without RTNL, especially clip_neigh_solicit() / neigh_ops->solicit() is unsleepable. Also, there is no RTNL dependency around atmarpd. Let's use a private mutex and RCU to protect access to atmarpd in to_atmarpd().
CVSS Details
Base Score
Exploitability
Impact
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High
Threat Intelligence
EPSS Exploit Probability
5.8% percentile
Exploit & Patch Status
No Known Exploit
Patch Available
Weaknesses 1
CWE-476 NULL Pointer Dereference Memory Safety
Affected Products 18
| Vendor | Product | Version | Range |
|---|---|---|---|
| linux | linux_kernel | * | ≥2.6.13 – <5.4.296 |
| linux | linux_kernel | * | ≥5.5 – <5.10.240 |
| linux | linux_kernel | * | ≥5.11 – <5.15.189 |
| linux | linux_kernel | * | ≥5.16 – <6.1.146 |
| linux | linux_kernel | * | ≥6.2 – <6.6.99 |
| linux | linux_kernel | * | ≥6.7 – <6.12.39 |
| linux | linux_kernel | * | ≥6.13 – <6.15.7 |
| linux | linux_kernel | 2.6.12 | any |
| linux | linux_kernel | 2.6.12 | any |
| linux | linux_kernel | 2.6.12 | any |
| linux | linux_kernel | 2.6.12 | any |
| linux | linux_kernel | 2.6.12 | any |
| linux | linux_kernel | 6.16 | any |
| linux | linux_kernel | 6.16 | any |
| linux | linux_kernel | 6.16 | any |
| linux | linux_kernel | 6.16 | any |
| linux | linux_kernel | 6.16 | any |
| debian | debian_linux | 11.0 | any |
References 10
- git.kernel.org https://git.kernel.org/stable/c/06935c50cfa3ac57cce80bba67b6d38ec1406e92
- git.kernel.org https://git.kernel.org/stable/c/3251ce3979f41bd228f77a7615f9dd616d06a110
- git.kernel.org https://git.kernel.org/stable/c/36caab990b69ef4eec1d81c52a19f080b7daa059
- git.kernel.org https://git.kernel.org/stable/c/706cc36477139c1616a9b2b96610a8bb520b7119
- git.kernel.org https://git.kernel.org/stable/c/70eac9ba7ce25d99c1d99bbf4ddb058940f631f9
- git.kernel.org https://git.kernel.org/stable/c/a4c5785feb979cd996a99cfaad8bf353b2e79301
- git.kernel.org https://git.kernel.org/stable/c/ee4d9e4ddf3f9c4ee2ec0a3aad6196ee36d30e57
- git.kernel.org https://git.kernel.org/stable/c/f58e4270c73e7f086322978d585ea67c8076ce49
- lists.debian.org https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html
- lists.debian.org https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html
Remediation
- git.kernel.org https://git.kernel.org/stable/c/06935c50cfa3ac57cce80bba67b6d38ec1406e92
- git.kernel.org https://git.kernel.org/stable/c/3251ce3979f41bd228f77a7615f9dd616d06a110
- git.kernel.org https://git.kernel.org/stable/c/36caab990b69ef4eec1d81c52a19f080b7daa059
- git.kernel.org https://git.kernel.org/stable/c/706cc36477139c1616a9b2b96610a8bb520b7119
- git.kernel.org https://git.kernel.org/stable/c/70eac9ba7ce25d99c1d99bbf4ddb058940f631f9
- git.kernel.org https://git.kernel.org/stable/c/a4c5785feb979cd996a99cfaad8bf353b2e79301
- git.kernel.org https://git.kernel.org/stable/c/ee4d9e4ddf3f9c4ee2ec0a3aad6196ee36d30e57
- git.kernel.org https://git.kernel.org/stable/c/f58e4270c73e7f086322978d585ea67c8076ce49