CVE-2025-38184

5.5 MEDIUM

📋 TL;DR

A null pointer dereference vulnerability in the Linux kernel's TIPC (Transparent Inter-Process Communication) subsystem allows local attackers to cause a kernel panic (denial of service) by triggering a race condition when querying remote IP addresses of Ethernet bearers. This affects Linux systems with TIPC enabled, particularly those using network namespaces or virtualization.

💻 Affected Systems

Products:
  • Linux kernel
Versions: Linux kernel versions that predate the fixes (the specific versions are identified by the git commits listed in the references)
Operating Systems: Linux distributions using vulnerable kernel versions
Default Config Vulnerable: ✅ No
Notes: Only vulnerable if TIPC subsystem is enabled and configured with Ethernet bearers. Many distributions don't enable TIPC by default.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

⚠️ Risk & Real-World Impact

🔴 Worst Case: Kernel panic leading to system crash and denial of service, potentially disrupting critical services.

🟠 Likely Case: Local denial of service through kernel crash when malicious users trigger the race condition.

🟢 If Mitigated: Minimal impact if TIPC is disabled or systems have proper access controls limiting local user privileges.

🌐 Internet-Facing: LOW - Requires local access to trigger, not remotely exploitable.
🏢 Internal Only: MEDIUM - Local users or containers could cause system instability if TIPC is enabled.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploit requires local access and knowledge of TIPC configuration. The provided reproduction steps demonstrate a working proof-of-concept.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Patched in kernel commits: 05d332ba075753d569d66333d62d60fff5f57ad8, 0d3d91c3500f0c480e016faa4e2259c588616e59, 0f4a72fb266e48dbe928e1d936eab149e4ac3e1b, 3998283e4c32c0fe69edd59b0876c193f50abce6, 8595350615f952fcf8bc861464a6bf6b1129af50

Vendor Advisory: https://git.kernel.org/stable/c/05d332ba075753d569d66333d62d60fff5f57ad8

Restart Required: Yes

Instructions:

1. Update Linux kernel to version containing fixes.
2. Reboot system.
3. Verify kernel version with 'uname -r'.

🔧 Temporary Workarounds

Disable TIPC module

Prevent loading of TIPC kernel module if not required

echo 'install tipc /bin/false' >> /etc/modprobe.d/disable-tipc.conf
rmmod tipc

Restrict local user access

Limit which users can interact with TIPC interfaces

chmod 600 /proc/net/tipc/*
setfacl -m u:root:rwx /proc/net/tipc/

🧯 If You Can't Patch

  • Disable TIPC entirely if not needed for system functionality
  • Implement strict access controls to prevent unauthorized local users from executing TIPC commands

🔍 How to Verify

Check if Vulnerable:

Check whether the TIPC module is loaded with 'lsmod | grep tipc', and compare the running kernel version against the patched versions.

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version is updated and TIPC module loads without errors in dmesg
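
The checks above can be combined into one exposure test. The script below is an added example, not part of the advisory or of any vendor tooling; the function name tipc_exposure and its two optional arguments are assumptions made here so the logic can be run against saved copies of /proc/modules and /etc/modprobe.d.

```shell
#!/bin/sh
# Added example: classify a host's TIPC exposure as loaded / blocked / loadable.
# Arguments (both optional; hypothetical interface chosen for this example):
#   $1  module list in /proc/modules format   (default: /proc/modules)
#   $2  modprobe configuration directory      (default: /etc/modprobe.d)
# Limitation: a kernel with TIPC built in (not a module) does not list it in
# /proc/modules, so this check does not cover that case.
tipc_exposure() {
    modules_file=${1:-/proc/modules}
    modprobe_dir=${2:-/etc/modprobe.d}

    # Each /proc/modules line starts with the module name followed by a space.
    # Anchoring on "^tipc " avoids the substring matches (any module whose name
    # merely contains "tipc") that a plain 'lsmod | grep tipc' would report.
    if grep -q '^tipc ' "$modules_file" 2>/dev/null; then
        echo loaded
        return 0
    fi

    # Look for the workaround line "install tipc /bin/false" (or /bin/true) in
    # any *.conf file. Commented-out lines do not match because of the anchor.
    if grep -Eqs '^[[:space:]]*install[[:space:]]+tipc[[:space:]]+/(usr/)?bin/(false|true)' \
        "$modprobe_dir"/*.conf; then
        echo blocked
    else
        echo loadable
    fi
    return 0
}

# Report the state of the current host.
tipc_exposure
```

"loaded" means the host needs the kernel version check; "loadable" means the module is absent now but nothing prevents it from being loaded later.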

📡 Detection & Monitoring

Log Indicators:

  • Kernel panic messages in /var/log/kern.log or dmesg
  • 'general protection fault' errors
  • 'KASAN: null-ptr-deref' warnings

Network Indicators:

  • Unusual TIPC network traffic patterns

SIEM Query:

source="kernel" AND ("general protection fault" OR "null-ptr-deref" OR "tipc")
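
The query above also matches routine TIPC start-up messages, because "tipc" is one of its OR terms. The script below is an added example, not part of the advisory: it reports only crash headers that are followed by a TIPC stack frame. The log lines, timestamps and the placeholder symbol names in them are constructed for illustration.

```shell
#!/bin/sh
# Added example: narrow the log indicators to crash reports that involve TIPC.
# Reads kernel log text from stdin or file arguments and prints the line number
# of each crash header followed, within WINDOW lines, by a TIPC stack frame.
tipc_crash_hits() {
    awk -v window="${WINDOW:-40}" '
        /general protection fault|KASAN: null-ptr-deref/ {
            # Headers on adjacent lines belong to the same crash report.
            if (NR != last_hdr + 1) { start = NR; hit = 0 }
            last_hdr = NR
            until = NR + window
            next
        }
        # A TIPC frame is a tipc_* symbol with an offset, or a [tipc] module tag.
        start && NR <= until && !hit && /tipc_[a-z0-9_]+\+0x|\[tipc\]/ {
            print start
            hit = 1
        }
    ' "$@"
}

# The advisory query, for comparison: counts every line with any of its terms.
siem_hits() { grep -Ec 'general protection fault|null-ptr-deref|tipc' "$@"; }

# Constructed sample log: two benign TIPC messages, one crash with a TIPC frame
# (placeholder symbol), and one unrelated crash.
sample_log() {
    cat <<'EOF'
[  100.000001] tipc: Activated (version 2.0.0)
[  100.000002] tipc: Started in network mode
[  200.000001] general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] SMP KASAN
[  200.000002] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]
[  200.000003] Call Trace:
[  200.000004]  tipc_placeholder_fn+0x1a/0x40 [tipc]
[  300.000001] general protection fault, probably for non-canonical address 0xdffffc0000000001: 0000 [#2] SMP KASAN
[  300.000002] Call Trace:
[  300.000003]  other_placeholder_fn+0x2b/0x60
EOF
}

echo "lines matched by the broad query: $(sample_log | siem_hits)"
echo "crash reports with a TIPC frame start at line: $(sample_log | tipc_crash_hits)"
```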

🔗 References
