CVE-2025-38251 - OpenCVE

In the Linux kernel, the following vulnerability has been resolved: atm: clip: prevent NULL deref in clip_push() Blamed commit missed that vcc_destroy_socket() calls clip_push() with a NULL skb. If clip_devs is NULL, clip_push() then crashes when reading skb->truesize.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Linux	Linux Kernel

No data.

References

Link	Providers
https://git.kernel.org/stable/c/3c709dce16999bf6a1d2ce377deb5dd6fdd8cb08
https://git.kernel.org/stable/c/41f6420ee845006354c004839fed07da71e34aee
https://git.kernel.org/stable/c/88c88f91f4b3563956bb52e7a71a3640f7ece157
https://git.kernel.org/stable/c/9199e8cb75f13a1650adcb3c6cad42789c43884e
https://git.kernel.org/stable/c/a07005a77b18ae59b8471e7e4d991fa9f642b3c2
https://git.kernel.org/stable/c/b993ea46b3b601915ceaaf3c802adf11e7d6bac6
https://git.kernel.org/stable/c/ede31ad949ae0d03cb4c5edd79991586ad7c8bb8
https://lore.kernel.org/linux-cve-announce/2025070934-CVE-2025-38251-3894@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2025-38251
https://www.cve.org/CVERecord?id=CVE-2025-38251

History

Thu, 17 Jul 2025 17:15:00 +0000

Type	Values Removed	Values Added
References		https://git.kernel.org/stable/c/41f6420ee845006354c004839fed07da71e34aee

Tue, 15 Jul 2025 13:45:00 +0000

Type	Values Removed	Values Added
Metrics	epss `{'score': 0.00024}`	epss `{'score': 0.00032}`

Fri, 11 Jul 2025 13:45:00 +0000

Type	Values Removed	Values Added
Metrics	epss `{'score': 0.00018}`	epss `{'score': 0.00024}`

Thu, 10 Jul 2025 14:30:00 +0000

Type	Values Removed	Values Added
References		https://git.kernel.org/stable/c/9199e8cb75f13a1650adcb3c6cad42789c43884e

Thu, 10 Jul 2025 00:45:00 +0000

Type	Values Removed	Values Added
References		https://lore.kernel.org/linux-cve-announce/2025070934-CVE-2025-38251-3894@gregkh/T https://nvd.nist.gov/vuln/detail/CVE-2025-38251 https://www.cve.org/CVERecord?id=CVE-2025-38251
Metrics	threat_severity `None`	cvssV3_1 `{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}` threat_severity `Moderate`

Wed, 09 Jul 2025 10:45:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: atm: clip: prevent NULL deref in clip_push() Blamed commit missed that vcc_destroy_socket() calls clip_push() with a NULL skb. If clip_devs is NULL, clip_push() then crashes when reading skb->truesize.
Title		atm: clip: prevent NULL deref in clip_push()
References		https://git.kernel.org/stable/c/3c709dce16999bf6a1d2ce377deb5dd6fdd8cb08 https://git.kernel.org/stable/c/88c88f91f4b3563956bb52e7a71a3640f7ece157 https://git.kernel.org/stable/c/a07005a77b18ae59b8471e7e4d991fa9f642b3c2 https://git.kernel.org/stable/c/b993ea46b3b601915ceaaf3c802adf11e7d6bac6 https://git.kernel.org/stable/c/ede31ad949ae0d03cb4c5edd79991586ad7c8bb8

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2025-07-09T10:42:30.877Z

Updated: 2025-07-28T04:16:13.533Z

Reserved: 2025-04-16T04:51:23.997Z

Link: CVE-2025-38251

Vulnrichment

No data.

NVD

Status : Awaiting Analysis

Published: 2025-07-09T11:15:27.310

Modified: 2025-07-17T17:15:39.000

Link: CVE-2025-38251

Redhat

Severity : Moderate

Publid Date: 2025-07-09T00:00:00Z

Links: CVE-2025-38251 - Bugzilla

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object