VDB

DEBIAN-CVE-2025-38120

DEBIAN-CVE-2025-38120 PUBLISHED CVSS 5.5 MEDIUM

In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_set_pipapo_avx2: fix initial map fill If the first field doesn't cover the entire start map, then we must zero out the remainder, else we leak those bits into the next match round map. The early fix was incomplete and did only fix up the generic C implementation. A followup patch adds a test case to nft_concat_range.sh.

Risk Scores

CVSS 3.1
5.5
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected Products

VendorProductVersions
Debian:14linux0, 0
Debian:11linux-6.16.1.148-1, 6.1.147-1, 6.1.106-3~deb11u1
Debian:12linux6.1.106-1, 6.1.38-2, 6.1.66-1
Debian:13linux0, 0

Exploit Intelligence

Timeline

  • Jul 3, 2025 CVE Published
  • Apr 28, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›