CVE-2025-38112

Source
https://nvd.nist.gov/vuln/detail/CVE-2025-38112
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-38112.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2025-38112
Downstream
Related
Published
2025-07-03T09:15:24Z
Modified
2025-08-12T21:01:17Z
Summary
[none]
Details

In the Linux kernel, the following vulnerability has been resolved:

net: Fix TOCTOU issue in skisreadable()

sk->skprot->sockisreadable is a valid function pointer when sk resides in a sockmap. After the last skpsockput() (which usually happens when socket is removed from sockmap), sk->skprot gets restored and sk->skprot->sockis_readable becomes NULL.

This makes skisreadable() racy, if the value of sk->sk_prot is reloaded after the initial check. Which in turn may lead to a null pointer dereference.

Ensure the function pointer does not turn NULL after the check.

References

Affected packages