CVE-2025-38639
Published: Aug 22, 2025
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: netfilter: xt_nfacct: don't assume acct name is null-terminated BUG: KASAN: slab-out-of-bounds in .. lib/vsprintf.c:721 Read of size 1 at addr ffff88801eac95c8 by task syz-executor183/5851 [..] string+0x231/0x2b0 lib/vsprintf.c:721 vsnprintf+0x739/0xf00 lib/vsprintf.c:2874 [..] nfacct_mt_checkentry+0xd2/0xe0 net/netfilter/xt_nfacct.c:41 xt_check_match+0x3d1/0xab0 net/netfilter/x_tables.c:523 nfnl_acct_find_get() handles non-null input, but the error printk relied on its presence.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected ceb98d03eac5704820f2ac1f370c9ff385e3a9f5 - < 66d41268ede1e1b6e71ba28be923397ff0b2b9c3affected ceb98d03eac5704820f2ac1f370c9ff385e3a9f5 - < e021a1eee196887536a6630c5492c23a4c78d452affected ceb98d03eac5704820f2ac1f370c9ff385e3a9f5 - < b10cfa2de13d28ddd03210eb234422b7ec92725aaffected ceb98d03eac5704820f2ac1f370c9ff385e3a9f5 - < e18939176e657a3a20bfbed357b8c55a9f82aba3affected ceb98d03eac5704820f2ac1f370c9ff385e3a9f5 - < 58004aa21e79addaf41667bfe65e93ec51653f18+4 more versions |
Linux | Linux | affected 3.3unaffected 0 - < 3.3unaffected 5.4.297 - <= 5.4.*unaffected 5.10.241 - <= 5.10.*unaffected 5.15.190 - <= 5.15.*+6 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now