CVE-2025-38570

{"id": "CVE-2025-38570", "cveTags": [], "metrics": {}, "published": "2025-08-19T17:15:33.810", "references": [{"url": "https://git.kernel.org/stable/c/21d3f8441c7f317b93ba6a8029610c8b7e3773db", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/4b31bcb025cb497da2b01f87173108ff32d350d2", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/4b59f9deff3bdb52b223c85048f1d2924803b817", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}], "vulnStatus": "Received", "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\neth: fbnic: unlink NAPIs from queues on error to open\n\nCI hit a UaF in fbnic in the AF_XDP portion of the queues.py test.\nThe UaF is in the __sk_mark_napi_id_once() call in xsk_bind(),\nNAPI has been freed. Looks like the device failed to open earlier,\nand we lack clearing the NAPI pointer from the queue."}], "lastModified": "2025-08-19T17:15:33.810", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}