CVE-2025-38550 — Linux vulnerability

35 documents8 sources

Severity

7.8HIGHNVD

EPSS

0.0%

top 95.84%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Linux Kernel Debian Linux

Timeline

PublishedAug 16

Latest updateMar 25

Description

In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: Delay put pmc->idev in mld_del_delrec() pmc->idev is still used in ip6_mc_clear_src(), so as mld_clear_delrec() does, the reference should be put after ip6_mc_clear_src() return.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages3 packages

▶NVDlinux/linux_kernel5.13 — 5.15.190+5

▶Debianlinux/linux_kernel< 6.1.147-1+2

▶CVEListV5linux/linux63ed8de4be81b699ca727e9f8e3344bd487806d7 — 6e4eec86fe5f6b3fdbc702d1d36ac2a6e7ec0806+6

Also affects: Debian Linux 11.0

Patches

Patch: git.kernel.org ↗Patch: git.kernel.org ↗Patch: git.kernel.org ↗

🔴Vulnerability Details

CVEList

ipv6: mcast: Delay put pmc->idev in mld_del_delrec()↗2025-08-16

▶

OSV

CVE-2025-38550: In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: Delay put pmc->idev in mld_del_delrec() pmc->idev is still used in ip↗2025-08-16

▶

GHSA

GHSA-j928-v9rj-pq95: In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: Delay put pmc->idev in mld_del_delrec() pmc->idev is still used in↗2025-08-16

▶

📋Vendor Advisories

Ubuntu

Linux kernel (Azure) vulnerabilities↗2026-03-25

▶

Ubuntu

Linux kernel (Azure) vulnerabilities↗2026-03-04

▶

Ubuntu

Linux kernel (Azure FIPS) vulnerabilities↗2026-03-04

▶

Ubuntu

Linux kernel (Xilinx) vulnerabilities↗2026-02-24

▶

Ubuntu

Linux kernel (IBM) vulnerabilities↗2026-02-24

▶