[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2025-38166":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T20:55:29.923Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":18,"aliases":19,"duplicate_of":9,"upstream":20,"downstream":21,"duplicates":108,"related":109,"reserved_at":9,"published_at":124,"modified_at":125,"state":126,"summary":127,"references_raw":136,"kevs":164,"epss":165,"epss_history":168,"metrics":441,"affected":447},"CVE-2025-38166","In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: fix ktls panic with sockmap\n\n[ 2172.936997] ------------[ cut here ]------------\n[ 2172.936999] kernel BUG at lib/iov_iter.c:629!\n......\n[ 2172.944996] PKRU: 55555554\n[ 2172.945155] Call Trace:\n[ 2172.945299]  \u003CTASK>\n[ 2172.945428]  ? die+0x36/0x90\n[ 2172.945601]  ? do_trap+0xdd/0x100\n[ 2172.945795]  ? iov_iter_revert+0x178/0x180\n[ 2172.946031]  ? iov_iter_revert+0x178/0x180\n[ 2172.946267]  ? do_error_trap+0x7d/0x110\n[ 2172.946499]  ? iov_iter_revert+0x178/0x180\n[ 2172.946736]  ? exc_invalid_op+0x50/0x70\n[ 2172.946961]  ? iov_iter_revert+0x178/0x180\n[ 2172.947197]  ? asm_exc_invalid_op+0x1a/0x20\n[ 2172.947446]  ? iov_iter_revert+0x178/0x180\n[ 2172.947683]  ? iov_iter_revert+0x5c/0x180\n[ 2172.947913]  tls_sw_sendmsg_locked.isra.0+0x794/0x840\n[ 2172.948206]  tls_sw_sendmsg+0x52/0x80\n[ 2172.948420]  ? inet_sendmsg+0x1f/0x70\n[ 2172.948634]  __sys_sendto+0x1cd/0x200\n[ 2172.948848]  ? find_held_lock+0x2b/0x80\n[ 2172.949072]  ? syscall_trace_enter+0x140/0x270\n[ 2172.949330]  ? __lock_release.isra.0+0x5e/0x170\n[ 2172.949595]  ? find_held_lock+0x2b/0x80\n[ 2172.949817]  ? syscall_trace_enter+0x140/0x270\n[ 2172.950211]  ? lockdep_hardirqs_on_prepare+0xda/0x190\n[ 2172.950632]  ? ktime_get_coarse_real_ts64+0xc2/0xd0\n[ 2172.951036]  __x64_sys_sendto+0x24/0x30\n[ 2172.951382]  do_syscall_64+0x90/0x170\n......\n\nAfter calling bpf_exec_tx_verdict(), the size of msg_pl->sg may increase,\ne.g., when the BPF program executes bpf_msg_push_data().\n\nIf the BPF program sets cork_bytes and sg.size is smaller than cork_bytes,\nit will return -ENOSPC and attempt to roll back to the non-zero copy\nlogic. However, during rollback, msg->msg_iter is reset, but since\nmsg_pl->sg.size has been increased, subsequent executions will exceed the\nactual size of msg_iter.\n'''\niov_iter_revert(&msg->msg_iter, msg_pl->sg.size - orig_size);\n'''\n\nThe changes in this commit are based on the following considerations:\n\n1. When cork_bytes is set, rolling back to non-zero copy logic is\npointless and can directly go to zero-copy logic.\n\n2. We can not calculate the correct number of bytes to revert msg_iter.\n\nAssume the original data is \"abcdefgh\" (8 bytes), and after 3 pushes\nby the BPF program, it becomes 11-byte data: \"abc?de?fgh?\".\nThen, we set cork_bytes to 6, which means the first 6 bytes have been\nprocessed, and the remaining 5 bytes \"?fgh?\" will be cached until the\nlength meets the cork_bytes requirement.\n\nHowever, some data in \"?fgh?\" is not within 'sg->msg_iter'\n(but in msg_pl instead), especially the data \"?\" we pushed.\n\nSo it doesn't seem as simple as just reverting through an offset of\nmsg_iter.\n\n3. For non-TLS sockets in tcp_bpf_sendmsg, when a \"cork\" situation occurs,\nthe user-space send() doesn't return an error, and the returned length is\nthe same as the input length parameter, even if some data is cached.\n\nAdditionally, I saw that the current non-zero-copy logic for handling\ncorking is written as:\n'''\nline 1177\nelse if (ret != -EAGAIN) {\n\tif (ret == -ENOSPC)\n\t\tret = 0;\n\tgoto send_end;\n'''\n\nSo it's ok to just return 'copied' without error when a \"cork\" situation\noccurs.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":9,"likelihood_of_exploit":9,"capec":17},"NVD-CWE-NOINFO","Insufficient Information","NVD uses this CWE ID when there is insufficient information to assign a specific CWE.","placeholder","NVD-Reserved",[],[],[],[],[22,24,26,28,30,32,34,36,38,40,42,44,46,48,50,52,54,56,58,60,62,64,66,68,70,72,74,76,78,80,82,84,86,88,90,92,94,96,98,100,102,104,106],{"_key":23},"SUSE-SU-2025:02846-1",{"_key":25},"SUSE-SU-2025:02853-1",{"_key":27},"SUSE-SU-2025:02923-1",{"_key":29},"USN-7770-1",{"_key":31},"USN-7789-2",{"_key":33},"SUSE-SU-2025:02969-1",{"_key":35},"SUSE-SU-2025:03023-1",{"_key":37},"DLA-4328-1",{"_key":39},"DSA-5973-1",{"_key":41},"SUSE-SU-2025:02997-1",{"_key":43},"SUSE-SU-2025:03011-1",{"_key":45},"SUSE-SU-2025:20577-1",{"_key":47},"SUSE-SU-2025:20586-1",{"_key":49},"SUSE-SU-2025:20601-1",{"_key":51},"SUSE-SU-2025:20602-1",{"_key":53},"SUSE-SU-2025:02996-1",{"_key":55},"MGASA-2025-0218",{"_key":57},"MGASA-2025-0219",{"_key":59},"DEBIAN-CVE-2025-38166",{"_key":61},"USN-8028-1",{"_key":63},"USN-8028-2",{"_key":65},"USN-8028-3",{"_key":67},"USN-8028-4",{"_key":69},"USN-8028-5",{"_key":71},"USN-8028-6",{"_key":73},"USN-8028-7",{"_key":75},"USN-8028-8",{"_key":77},"USN-8031-1",{"_key":79},"USN-8031-2",{"_key":81},"USN-8031-3",{"_key":83},"USN-8052-1",{"_key":85},"USN-8052-2",{"_key":87},"USN-8074-1",{"_key":89},"USN-8074-2",{"_key":91},"USN-8126-1",{"_key":93},"RHSA-2026:18587",{"_key":95},"RHSA-2026:18134",{"_key":97},"USN-7769-1",{"_key":99},"USN-7769-2",{"_key":101},"USN-7769-3",{"_key":103},"USN-7771-1",{"_key":105},"USN-7789-1",{"_key":107},"UBUNTU-CVE-2025-38166",[],[110,111,112,113,114,115,116,117,118,119,120,121,122,123],{"_key":23},{"_key":25},{"_key":27},{"_key":33},{"_key":35},{"_key":41},{"_key":43},{"_key":45},{"_key":47},{"_key":49},{"_key":51},{"_key":53},{"_key":55},{"_key":57},"2025-07-03T08:36:06.372Z","2026-05-11T21:22:32.294Z","Analyzed",{"cisa_kev":128,"cisa_ransomware":128,"cisa_vendor":9,"epss_severity":129,"epss_score":130,"severity":131,"severity_score":132,"severity_version":133,"severity_source":134,"severity_vector":135,"severity_status":126},false,"low",0.0015,"medium",5.5,"v3.1","nvd","CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",[137,143,147,151,155,159],{"url":138,"sources":139,"tags":141},"https://git.kernel.org/stable/c/328cac3f9f8ae394748485e769a527518a9137c8",[140,134],"cve.org",[142],"Patch",{"url":144,"sources":145,"tags":146},"https://git.kernel.org/stable/c/2e36a81d388ec9c3f78b6223f7eda2088cd40adb",[140,134],[142],{"url":148,"sources":149,"tags":150},"https://git.kernel.org/stable/c/57fbbe29e86042bbaa31c1a30d2afa16c427e3f7",[140,134],[142],{"url":152,"sources":153,"tags":154},"https://git.kernel.org/stable/c/603943f022a7fe5cc83ca7005faf34798fb7853f",[140,134],[142],{"url":156,"sources":157,"tags":158},"https://git.kernel.org/stable/c/54a3ecaeeeae8176da8badbd7d72af1017032c39",[140,134],[142],{"url":160,"sources":161,"tags":162},"https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html",[140,134],[163],"Third Party Advisory",[],{"date":166,"score":130,"percentile":167},"2026-06-04",0.35279,[169,173,176,179,182,185,188,191,194,197,200,203,206,209,212,216,219,222,225,228,231,234,237,240,243,246,250,254,257,260,263,266,269,272,275,278,281,284,288,291,294,297,300,303,306,309,313,316,319,322,325,328,331,334,338,340,343,346,349,352,355,358,360,363,366,369,372,375,378,381,384,387,390,393,396,399,402,405,407,410,412,414,417,420,423,426,429,432,435,438],{"date":170,"score":171,"percentile":172},"2025-11-04",0.0009,0.26272,{"date":174,"score":171,"percentile":175},"2025-11-05",0.26243,{"date":177,"score":171,"percentile":178},"2025-11-06",0.2625,{"date":180,"score":171,"percentile":181},"2025-11-07",0.26251,{"date":183,"score":171,"percentile":184},"2025-11-08",0.26248,{"date":186,"score":171,"percentile":187},"2025-11-09",0.26197,{"date":189,"score":171,"percentile":190},"2025-11-10",0.2616,{"date":192,"score":171,"percentile":193},"2025-11-11",0.26171,{"date":195,"score":171,"percentile":196},"2025-11-12",0.26196,{"date":198,"score":171,"percentile":199},"2025-11-13",0.262,{"date":201,"score":171,"percentile":202},"2025-11-14",0.26195,{"date":204,"score":171,"percentile":205},"2025-11-15",0.26187,{"date":207,"score":171,"percentile":208},"2025-11-16",0.26146,{"date":210,"score":171,"percentile":211},"2025-11-17",0.26106,{"date":213,"score":214,"percentile":215},"2025-11-18",0.00046,0.09257,{"date":217,"score":214,"percentile":218},"2025-11-19",0.09269,{"date":220,"score":214,"percentile":221},"2025-11-20",0.09289,{"date":223,"score":171,"percentile":224},"2025-11-21",0.26066,{"date":226,"score":171,"percentile":227},"2025-11-22",0.26065,{"date":229,"score":171,"percentile":230},"2025-11-23",0.26019,{"date":232,"score":171,"percentile":233},"2025-11-24",0.25994,{"date":235,"score":171,"percentile":236},"2025-11-25",0.25983,{"date":238,"score":171,"percentile":239},"2025-11-26",0.25974,{"date":241,"score":171,"percentile":242},"2025-11-27",0.25972,{"date":244,"score":171,"percentile":245},"2025-11-28",0.25941,{"date":247,"score":248,"percentile":249},"2025-11-29",0.00057,0.17696,{"date":251,"score":252,"percentile":253},"2025-11-30",0.00055,0.17055,{"date":255,"score":252,"percentile":256},"2025-12-01",0.17096,{"date":258,"score":252,"percentile":259},"2025-12-02",0.17105,{"date":261,"score":252,"percentile":262},"2025-12-03",0.17117,{"date":264,"score":252,"percentile":265},"2025-12-04",0.17078,{"date":267,"score":252,"percentile":268},"2025-12-05",0.17122,{"date":270,"score":252,"percentile":271},"2025-12-06",0.17127,{"date":273,"score":252,"percentile":274},"2025-12-07",0.17113,{"date":276,"score":252,"percentile":277},"2025-12-08",0.17126,{"date":279,"score":252,"percentile":280},"2025-12-09",0.1719,{"date":282,"score":252,"percentile":283},"2025-12-10",0.17254,{"date":285,"score":286,"percentile":287},"2025-12-11",0.00075,0.22858,{"date":289,"score":286,"percentile":290},"2025-12-12",0.22863,{"date":292,"score":286,"percentile":293},"2025-12-13",0.22869,{"date":295,"score":286,"percentile":296},"2025-12-14",0.22836,{"date":298,"score":286,"percentile":299},"2025-12-15",0.22811,{"date":301,"score":286,"percentile":302},"2025-12-16",0.22842,{"date":304,"score":286,"percentile":305},"2025-12-17",0.22919,{"date":307,"score":286,"percentile":308},"2025-12-18",0.22959,{"date":310,"score":311,"percentile":312},"2025-12-19",0.00037,0.10913,{"date":314,"score":311,"percentile":315},"2025-12-20",0.10912,{"date":317,"score":311,"percentile":318},"2025-12-21",0.10893,{"date":320,"score":311,"percentile":321},"2025-12-22",0.10866,{"date":323,"score":311,"percentile":324},"2025-12-23",0.10855,{"date":326,"score":311,"percentile":327},"2025-12-24",0.10861,{"date":329,"score":311,"percentile":330},"2025-12-25",0.1094,{"date":332,"score":311,"percentile":333},"2025-12-26",0.10934,{"date":335,"score":336,"percentile":337},"2025-12-27",0.00029,0.0769,{"date":339,"score":311,"percentile":330},"2025-12-28",{"date":341,"score":311,"percentile":342},"2025-12-29",0.10902,{"date":344,"score":311,"percentile":345},"2025-12-30",0.10882,{"date":347,"score":311,"percentile":348},"2025-12-31",0.10931,{"date":350,"score":311,"percentile":351},"2026-01-01",0.10973,{"date":353,"score":311,"percentile":354},"2026-01-02",0.10971,{"date":356,"score":311,"percentile":357},"2026-01-03",0.10937,{"date":359,"score":311,"percentile":321},"2026-01-04",{"date":361,"score":311,"percentile":362},"2026-01-05",0.10825,{"date":364,"score":311,"percentile":365},"2026-01-06",0.10824,{"date":367,"score":311,"percentile":368},"2026-01-07",0.10854,{"date":370,"score":311,"percentile":371},"2026-01-08",0.10906,{"date":373,"score":311,"percentile":374},"2026-01-09",0.10933,{"date":376,"score":311,"percentile":377},"2026-01-10",0.10943,{"date":379,"score":311,"percentile":380},"2026-01-11",0.10918,{"date":382,"score":311,"percentile":383},"2026-01-12",0.10894,{"date":385,"score":311,"percentile":386},"2026-01-13",0.1087,{"date":388,"score":311,"percentile":389},"2026-01-14",0.10926,{"date":391,"score":311,"percentile":392},"2026-01-15",0.10936,{"date":394,"score":311,"percentile":395},"2026-01-16",0.10978,{"date":397,"score":311,"percentile":398},"2026-01-17",0.10988,{"date":400,"score":311,"percentile":401},"2026-01-18",0.10938,{"date":403,"score":311,"percentile":404},"2026-01-19",0.10883,{"date":406,"score":311,"percentile":327},"2026-01-20",{"date":408,"score":311,"percentile":409},"2026-01-21",0.10832,{"date":411,"score":311,"percentile":365},"2026-01-22",{"date":413,"score":311,"percentile":312},"2026-01-23",{"date":415,"score":311,"percentile":416},"2026-01-24",0.10966,{"date":418,"score":311,"percentile":419},"2026-01-25",0.10929,{"date":421,"score":311,"percentile":422},"2026-01-26",0.10873,{"date":424,"score":311,"percentile":425},"2026-01-27",0.10609,{"date":427,"score":311,"percentile":428},"2026-01-28",0.10588,{"date":430,"score":311,"percentile":431},"2026-01-29",0.1057,{"date":433,"score":311,"percentile":434},"2026-01-30",0.10591,{"date":436,"score":311,"percentile":437},"2026-01-31",0.1061,{"date":439,"score":311,"percentile":440},"2026-02-01",0.1062,[442],{"source":134,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":443,"cvss_v4_0":9},{"baseScore":132,"baseSeverity":444,"vectorString":135,"impactScore":445,"exploitabilityScore":446},"MEDIUM",6,4.6,[448,457,483],{"ecosystem":9,"name":449,"vendor":450,"product":451,"cpe_part":452,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":453},"debian linux","debian","debian_linux","o",[454],{"version":455,"is_range":128,"range_type":456,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"11.0","cpe",{"ecosystem":9,"name":458,"vendor":459,"product":459,"cpe_part":460,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":461},"Linux","linux","a",[462,469,472,475,478,481],{"version":463,"is_range":464,"range_type":140,"version_start":465,"version_start_type":466,"version_end":467,"version_end_type":468,"fixed_in":9},">= d3b18ad31f93d0b6bae105c679018a1ba7daa9ca, \u003C 328cac3f9f8ae394748485e769a527518a9137c8",true,"d3b18ad31f93d0b6bae105c679018a1ba7daa9ca","including","328cac3f9f8ae394748485e769a527518a9137c8","excluding",{"version":470,"is_range":464,"range_type":140,"version_start":465,"version_start_type":466,"version_end":471,"version_end_type":468,"fixed_in":9},">= d3b18ad31f93d0b6bae105c679018a1ba7daa9ca, \u003C 2e36a81d388ec9c3f78b6223f7eda2088cd40adb","2e36a81d388ec9c3f78b6223f7eda2088cd40adb",{"version":473,"is_range":464,"range_type":140,"version_start":465,"version_start_type":466,"version_end":474,"version_end_type":468,"fixed_in":9},">= d3b18ad31f93d0b6bae105c679018a1ba7daa9ca, \u003C 57fbbe29e86042bbaa31c1a30d2afa16c427e3f7","57fbbe29e86042bbaa31c1a30d2afa16c427e3f7",{"version":476,"is_range":464,"range_type":140,"version_start":465,"version_start_type":466,"version_end":477,"version_end_type":468,"fixed_in":9},">= d3b18ad31f93d0b6bae105c679018a1ba7daa9ca, \u003C 603943f022a7fe5cc83ca7005faf34798fb7853f","603943f022a7fe5cc83ca7005faf34798fb7853f",{"version":479,"is_range":464,"range_type":140,"version_start":465,"version_start_type":466,"version_end":480,"version_end_type":468,"fixed_in":9},">= d3b18ad31f93d0b6bae105c679018a1ba7daa9ca, \u003C 54a3ecaeeeae8176da8badbd7d72af1017032c39","54a3ecaeeeae8176da8badbd7d72af1017032c39",{"version":482,"is_range":128,"range_type":140,"version_start":482,"version_start_type":466,"version_end":482,"version_end_type":466,"fixed_in":9},"4.20",{"ecosystem":9,"name":484,"vendor":459,"product":485,"cpe_part":452,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":486},"linux kernel","linux_kernel",[487,490,494,498],{"version":488,"is_range":464,"range_type":456,"version_start":482,"version_start_type":466,"version_end":489,"version_end_type":468,"fixed_in":9},"gte4.20_lt6.1.142","6.1.142",{"version":491,"is_range":464,"range_type":456,"version_start":492,"version_start_type":466,"version_end":493,"version_end_type":468,"fixed_in":9},"gte6.2_lt6.6.94","6.2","6.6.94",{"version":495,"is_range":464,"range_type":456,"version_start":496,"version_start_type":466,"version_end":497,"version_end_type":468,"fixed_in":9},"gte6.7_lt6.12.34","6.7","6.12.34",{"version":499,"is_range":464,"range_type":456,"version_start":500,"version_start_type":466,"version_end":501,"version_end_type":468,"fixed_in":9},"gte6.13_lt6.15.3","6.13","6.15.3"]