CVE-2025-38124
📋 TL;DR
A memory corruption vulnerability in the Linux kernel's UDP Generic Segmentation Offload (GSO) implementation can cause kernel panics when processing specially crafted network packets. Systems running affected Linux kernel versions with UDP GSO enabled are vulnerable, particularly those using NAT, BPF hooks, or other packet modification features.
💻 Affected Systems
- Linux kernel
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →⚠️ Risk & Real-World Impact
Worst Case
Kernel panic leading to system crash and denial of service, potentially affecting multiple systems in a network.
Likely Case
System crash or instability when processing malformed UDP packets, causing service disruption.
If Mitigated
No impact if patched or UDP GSO is disabled.
🎯 Exploit Status
Exploitation requires crafting UDP packets that trigger the fraglist geometry violation, which may require specific network conditions or packet modifications.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Check kernel commits: 0e65f38bd1aa14ea86e221b7bb814d38278d86c3, 3382a1ed7f778db841063f5d7e317ac55f9e7f72, 4399f59a9467a324ed46657555f0e1f209a14acb, 85eef1748c024da1a191aed56b30a3a65958c50c, a04302867094bdc6efac1b598370fc47cf3f2388
Vendor Advisory: https://git.kernel.org/stable/c/0e65f38bd1aa14ea86e221b7bb814d38278d86c3
Restart Required: Yes
Instructions:
1. Update Linux kernel to a version containing the fix commits. 2. Reboot the system to load the new kernel.
🔧 Temporary Workarounds
Disable UDP GSO
linuxDisable UDP Generic Segmentation Offload to prevent the vulnerable code path from being triggered.
ethtool -K <interface> gso off
ethtool -K <interface> gro off
🧯 If You Can't Patch
- Implement network filtering to block suspicious UDP traffic to vulnerable systems.
- Isolate vulnerable systems from untrusted networks and limit internal network exposure.
🔍 How to Verify
Check if Vulnerable:
Check kernel version and compare with patched versions in kernel commit references.Check Version:
uname -rVerify Fix Applied:
Verify kernel version includes one of the fix commits: 0e65f38bd1aa14ea86e221b7bb814d38278d86c3, 3382a1ed7f778db841063f5d7e317ac55f9e7f72, 4399f59a9467a324ed46657555f0e1f209a14acb, 85eef1748c024da1a191aed56b30a3a65958c50c, or a04302867094bdc6efac1b598370fc47cf3f2388.📡 Detection & Monitoring
Log Indicators:
- Kernel panic messages mentioning skb_segment, UDP GSO, or fraglist segmentation
- System crash logs with call stack including skb_segment+0xcd0
Network Indicators:
- Unusual UDP packet patterns that might trigger fraglist geometry violations
SIEM Query:
Search for kernel logs containing 'skb_segment' or 'UDP GSO' error messages.🔗 References
- https://git.kernel.org/stable/c/0e65f38bd1aa14ea86e221b7bb814d38278d86c3
- https://git.kernel.org/stable/c/3382a1ed7f778db841063f5d7e317ac55f9e7f72
- https://git.kernel.org/stable/c/4399f59a9467a324ed46657555f0e1f209a14acb
- https://git.kernel.org/stable/c/85eef1748c024da1a191aed56b30a3a65958c50c
- https://git.kernel.org/stable/c/a04302867094bdc6efac1b598370fc47cf3f2388
- https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html
