CVE-2025-38006

{"id": "CVE-2025-38006", "cveTags": [], "metrics": {}, "published": "2025-06-18T10:15:31.773", "references": [{"url": "https://git.kernel.org/stable/c/24fa213dffa470166ec014f979f36c6ff44afb45", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/acab78ae12c7fefb4f3bfe22e00770a5faa42724", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/d4d1561d17eb72908e4489c0900d96e0484fac20", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/f11cf946c0a92c560a890d68e4775723353599e1", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}], "vulnStatus": "Awaiting Analysis", "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: mctp: Don't access ifa_index when missing\n\nIn mctp_dump_addrinfo, ifa_index can be used to filter interfaces, but\nonly when the struct ifaddrmsg is provided. Otherwise it will be\ncomparing to uninitialised memory - reproducible in the syzkaller case from\ndhcpd, or busybox \"ip addr show\".\n\nThe kernel MCTP implementation has always filtered by ifa_index, so\nexisting userspace programs expecting to dump MCTP addresses must\nalready be passing a valid ifa_index value (either 0 or a real index).\n\nBUG: KMSAN: uninit-value in mctp_dump_addrinfo+0x208/0xac0 net/mctp/device.c:128\n mctp_dump_addrinfo+0x208/0xac0 net/mctp/device.c:128\n rtnl_dump_all+0x3ec/0x5b0 net/core/rtnetlink.c:4380\n rtnl_dumpit+0xd5/0x2f0 net/core/rtnetlink.c:6824\n netlink_dump+0x97b/0x1690 net/netlink/af_netlink.c:2309"}], "lastModified": "2025-06-18T13:46:52.973", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}