[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2025-38472":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T08:53:30.047Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":20,"aliases":21,"duplicate_of":9,"upstream":22,"downstream":23,"duplicates":122,"related":123,"reserved_at":9,"published_at":141,"modified_at":142,"state":143,"summary":144,"references_raw":153,"kevs":181,"epss":182,"epss_history":185,"metrics":457,"affected":463},"CVE-2025-38472","In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_conntrack: fix crash due to removal of uninitialised entry\n\nA crash in conntrack was reported while trying to unlink the conntrack\nentry from the hash bucket list:\n    [exception RIP: __nf_ct_delete_from_lists+172]\n    [..]\n #7 [ff539b5a2b043aa0] nf_ct_delete at ffffffffc124d421 [nf_conntrack]\n #8 [ff539b5a2b043ad0] nf_ct_gc_expired at ffffffffc124d999 [nf_conntrack]\n #9 [ff539b5a2b043ae0] __nf_conntrack_find_get at ffffffffc124efbc [nf_conntrack]\n    [..]\n\nThe nf_conn struct is marked as allocated from slab but appears to be in\na partially initialised state:\n\n ct hlist pointer is garbage; looks like the ct hash value\n (hence crash).\n ct->status is equal to IPS_CONFIRMED|IPS_DYING, which is expected\n ct->timeout is 30000 (=30s), which is unexpected.\n\nEverything else looks like normal udp conntrack entry.  If we ignore\nct->status and pretend its 0, the entry matches those that are newly\nallocated but not yet inserted into the hash:\n  - ct hlist pointers are overloaded and store/cache the raw tuple hash\n  - ct->timeout matches the relative time expected for a new udp flow\n    rather than the absolute 'jiffies' value.\n\nIf it were not for the presence of IPS_CONFIRMED,\n__nf_conntrack_find_get() would have skipped the entry.\n\nTheory is that we did hit following race:\n\ncpu x \t\t\tcpu y\t\t\tcpu z\n found entry E\t\tfound entry E\n E is expired\t\t\u003Cpreemption>\n nf_ct_delete()\n return E to rcu slab\n\t\t\t\t\tinit_conntrack\n\t\t\t\t\tE is re-inited,\n\t\t\t\t\tct->status set to 0\n\t\t\t\t\treply tuplehash hnnode.pprev\n\t\t\t\t\tstores hash value.\n\ncpu y found E right before it was deleted on cpu x.\nE is now re-inited on cpu z.  cpu y was preempted before\nchecking for expiry and/or confirm bit.\n\n\t\t\t\t\t->refcnt set to 1\n\t\t\t\t\tE now owned by skb\n\t\t\t\t\t->timeout set to 30000\n\nIf cpu y were to resume now, it would observe E as\nexpired but would skip E due to missing CONFIRMED bit.\n\n\t\t\t\t\tnf_conntrack_confirm gets called\n\t\t\t\t\tsets: ct->status |= CONFIRMED\n\t\t\t\t\tThis is wrong: E is not yet added\n\t\t\t\t\tto hashtable.\n\ncpu y resumes, it observes E as expired but CONFIRMED:\n\t\t\t\u003Cresumes>\n\t\t\tnf_ct_expired()\n\t\t\t -> yes (ct->timeout is 30s)\n\t\t\tconfirmed bit set.\n\ncpu y will try to delete E from the hashtable:\n\t\t\tnf_ct_delete() -> set DYING bit\n\t\t\t__nf_ct_delete_from_lists\n\nEven this scenario doesn't guarantee a crash:\ncpu z still holds the table bucket lock(s) so y blocks:\n\n\t\t\twait for spinlock held by z\n\n\t\t\t\t\tCONFIRMED is set but there is no\n\t\t\t\t\tguarantee ct will be added to hash:\n\t\t\t\t\t\"chaintoolong\" or \"clash resolution\"\n\t\t\t\t\tlogic both skip the insert step.\n\t\t\t\t\treply hnnode.pprev still stores the\n\t\t\t\t\thash value.\n\n\t\t\t\t\tunlocks spinlock\n\t\t\t\t\treturn NF_DROP\n\t\t\t\u003Cunblocks, then\n\t\t\t crashes on hlist_nulls_del_rcu pprev>\n\nIn case CPU z does insert the entry into the hashtable, cpu y will unlink\nE again right away but no crash occurs.\n\nWithout 'cpu y' race, 'garbage' hlist is of no consequence:\nct refcnt remains at 1, eventually skb will be free'd and E gets\ndestroyed via: nf_conntrack_put -> nf_conntrack_destroy -> nf_ct_destroy.\n\nTo resolve this, move the IPS_CONFIRMED assignment after the table\ninsertion but before the unlock.\n\nPablo points out that the confirm-bit-store could be reordered to happen\nbefore hlist add resp. the timeout fixup, so switch to set_bit and\nbefore_atomic memory barrier to prevent this.\n\nIt doesn't matter if other CPUs can observe a newly inserted entry right\nbefore the CONFIRMED bit was set:\n\nSuch event cannot be distinguished from above \"E is the old incarnation\"\ncase: the entry will be skipped.\n\nAlso change nf_ct_should_gc() to first check the confirmed bit.\n\nThe gc sequence is:\n 1. Check if entry has expired, if not skip to next entry\n 2. Obtain a reference to the expired entry.\n 3. Call nf_ct_should_gc() to double-check step 1.\n\nnf_ct_should_gc() is thus called only for entries that already failed an\nexpiry check. After this patch, once the confirmed bit check pas\n---truncated---",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-908","Use of Uninitialized Resource","The product uses or accesses a resource that has not been initialized.","weakness","Incomplete","Base","Medium",[],[],[],[],[24,26,28,30,32,34,36,38,40,42,44,46,48,50,52,54,56,58,60,62,64,66,68,70,72,74,76,78,80,82,84,86,88,90,92,94,96,98,100,102,104,106,108,110,112,114,116,118,120],{"_key":25},"SUSE-SU-2025:03301-1",{"_key":27},"DLA-4328-1",{"_key":29},"DSA-5973-1",{"_key":31},"DSA-5975-1",{"_key":33},"RHSA-2025:15005",{"_key":35},"RHSA-2025:16880",{"_key":37},"RHSA-2025:17122",{"_key":39},"RHSA-2025:17123",{"_key":41},"RHSA-2025:17241",{"_key":43},"SUSE-SU-2025:03290-1",{"_key":45},"SUSE-SU-2025:03382-1",{"_key":47},"SUSE-SU-2025:03602-1",{"_key":49},"SUSE-SU-2025:03633-1",{"_key":51},"SUSE-SU-2025:20653-1",{"_key":53},"SUSE-SU-2025:20669-1",{"_key":55},"SUSE-SU-2025:20739-1",{"_key":57},"SUSE-SU-2025:20756-1",{"_key":59},"SUSE-SU-2025:21074-1",{"_key":61},"SUSE-SU-2025:21139-1",{"_key":63},"SUSE-SU-2025:21179-1",{"_key":65},"SUSE-SU-2025:03272-1",{"_key":67},"SUSE-SU-2025:03634-1",{"_key":69},"OPENSUSE-SU-2025:20081-1",{"_key":71},"MGASA-2025-0218",{"_key":73},"MGASA-2025-0219",{"_key":75},"DEBIAN-CVE-2025-38472",{"_key":77},"USN-7934-1",{"_key":79},"USN-8028-1",{"_key":81},"USN-8028-2",{"_key":83},"USN-8028-3",{"_key":85},"USN-8028-4",{"_key":87},"USN-8028-5",{"_key":89},"USN-8028-6",{"_key":91},"USN-8028-7",{"_key":93},"USN-8028-8",{"_key":95},"USN-8031-1",{"_key":97},"USN-8031-2",{"_key":99},"USN-8031-3",{"_key":101},"USN-8052-1",{"_key":103},"USN-8052-2",{"_key":105},"USN-8074-1",{"_key":107},"USN-8074-2",{"_key":109},"USN-8126-1",{"_key":111},"UBUNTU-CVE-2025-38472",{"_key":113},"USN-7879-1",{"_key":115},"USN-7879-2",{"_key":117},"USN-7879-3",{"_key":119},"USN-7879-4",{"_key":121},"USN-7880-1",[],[124,125,126,127,128,129,130,131,132,133,134,135,136,137,138,139,140],{"_key":25},{"_key":43},{"_key":45},{"_key":47},{"_key":49},{"_key":51},{"_key":53},{"_key":55},{"_key":57},{"_key":59},{"_key":61},{"_key":63},{"_key":65},{"_key":67},{"_key":69},{"_key":71},{"_key":73},"2025-07-28T11:21:33.977Z","2026-05-23T15:59:48.939Z","Analyzed",{"cisa_kev":145,"cisa_ransomware":145,"cisa_vendor":9,"epss_severity":146,"epss_score":147,"severity":148,"severity_score":149,"severity_version":150,"severity_source":151,"severity_vector":152,"severity_status":143},false,"low",0.00084,"medium",5.5,"v3.1","nvd","CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",[154,160,164,168,172,176],{"url":155,"sources":156,"tags":158},"https://git.kernel.org/stable/c/a47ef874189d47f934d0809ae738886307c0ea22",[157,151],"cve.org",[159],"Patch",{"url":161,"sources":162,"tags":163},"https://git.kernel.org/stable/c/76179961c423cd698080b5e4d5583cf7f4fcdde9",[157,151],[159],{"url":165,"sources":166,"tags":167},"https://git.kernel.org/stable/c/fc38c249c622ff5e3011b8845fd49dbfd9289afc",[157,151],[159],{"url":169,"sources":170,"tags":171},"https://git.kernel.org/stable/c/938ce0e8422d3793fe30df2ed0e37f6bc0598379",[157,151],[159],{"url":173,"sources":174,"tags":175},"https://git.kernel.org/stable/c/2d72afb340657f03f7261e9243b44457a9228ac7",[157,151],[159],{"url":177,"sources":178,"tags":179},"https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html",[157,151],[180],"Third Party Advisory",[],{"date":183,"score":147,"percentile":184},"2026-06-03",0.24362,[186,190,193,196,199,202,205,208,211,214,217,220,223,226,229,232,235,238,241,244,247,250,252,255,259,262,265,268,271,274,277,279,282,285,287,290,293,296,299,302,305,308,311,314,317,320,323,326,329,332,336,340,344,347,351,354,357,360,363,366,369,371,374,378,381,384,387,390,393,396,399,402,405,408,411,414,417,420,423,426,429,431,434,437,440,443,446,449,451,454],{"date":187,"score":188,"percentile":189},"2025-11-04",0.00036,0.10202,{"date":191,"score":188,"percentile":192},"2025-11-05",0.10227,{"date":194,"score":188,"percentile":195},"2025-11-06",0.1034,{"date":197,"score":188,"percentile":198},"2025-11-07",0.10363,{"date":200,"score":188,"percentile":201},"2025-11-08",0.10364,{"date":203,"score":188,"percentile":204},"2025-11-09",0.10331,{"date":206,"score":188,"percentile":207},"2025-11-10",0.10294,{"date":209,"score":188,"percentile":210},"2025-11-11",0.10304,{"date":212,"score":188,"percentile":213},"2025-11-12",0.10329,{"date":215,"score":188,"percentile":216},"2025-11-13",0.10367,{"date":218,"score":188,"percentile":219},"2025-11-14",0.10374,{"date":221,"score":188,"percentile":222},"2025-11-15",0.10368,{"date":224,"score":188,"percentile":225},"2025-11-16",0.10365,{"date":227,"score":188,"percentile":228},"2025-11-17",0.10349,{"date":230,"score":188,"percentile":231},"2025-11-18",0.06346,{"date":233,"score":188,"percentile":234},"2025-11-19",0.06353,{"date":236,"score":188,"percentile":237},"2025-11-20",0.06383,{"date":239,"score":188,"percentile":240},"2025-11-21",0.1037,{"date":242,"score":188,"percentile":243},"2025-11-22",0.10375,{"date":245,"score":188,"percentile":246},"2025-11-23",0.10335,{"date":248,"score":188,"percentile":249},"2025-11-24",0.10302,{"date":251,"score":188,"percentile":210},"2025-11-25",{"date":253,"score":188,"percentile":254},"2025-11-26",0.10298,{"date":256,"score":257,"percentile":258},"2025-11-27",0.00047,0.14313,{"date":260,"score":257,"percentile":261},"2025-11-28",0.14292,{"date":263,"score":257,"percentile":264},"2025-11-29",0.14286,{"date":266,"score":257,"percentile":267},"2025-11-30",0.14293,{"date":269,"score":257,"percentile":270},"2025-12-01",0.14327,{"date":272,"score":257,"percentile":273},"2025-12-02",0.14348,{"date":275,"score":257,"percentile":276},"2025-12-03",0.14371,{"date":278,"score":257,"percentile":273},"2025-12-04",{"date":280,"score":257,"percentile":281},"2025-12-05",0.1441,{"date":283,"score":257,"percentile":284},"2025-12-06",0.14429,{"date":286,"score":257,"percentile":281},"2025-12-07",{"date":288,"score":257,"percentile":289},"2025-12-08",0.14425,{"date":291,"score":257,"percentile":292},"2025-12-09",0.14483,{"date":294,"score":257,"percentile":295},"2025-12-10",0.14553,{"date":297,"score":257,"percentile":298},"2025-12-11",0.14586,{"date":300,"score":257,"percentile":301},"2025-12-12",0.1463,{"date":303,"score":257,"percentile":304},"2025-12-13",0.14639,{"date":306,"score":257,"percentile":307},"2025-12-14",0.146,{"date":309,"score":257,"percentile":310},"2025-12-15",0.14565,{"date":312,"score":257,"percentile":313},"2025-12-16",0.14588,{"date":315,"score":257,"percentile":316},"2025-12-17",0.14685,{"date":318,"score":257,"percentile":319},"2025-12-18",0.14743,{"date":321,"score":257,"percentile":322},"2025-12-19",0.14783,{"date":324,"score":257,"percentile":325},"2025-12-20",0.14759,{"date":327,"score":257,"percentile":328},"2025-12-21",0.14722,{"date":330,"score":257,"percentile":331},"2025-12-22",0.14675,{"date":333,"score":334,"percentile":335},"2025-12-23",0.00029,0.07703,{"date":337,"score":338,"percentile":339},"2025-12-24",0.00014,0.01868,{"date":341,"score":342,"percentile":343},"2025-12-25",0.00013,0.01695,{"date":345,"score":342,"percentile":346},"2025-12-26",0.01698,{"date":348,"score":349,"percentile":350},"2025-12-27",0.0001,0.00913,{"date":352,"score":342,"percentile":353},"2025-12-28",0.01692,{"date":355,"score":342,"percentile":356},"2025-12-29",0.01685,{"date":358,"score":342,"percentile":359},"2025-12-30",0.01679,{"date":361,"score":342,"percentile":362},"2025-12-31",0.01677,{"date":364,"score":342,"percentile":365},"2026-01-01",0.01699,{"date":367,"score":342,"percentile":368},"2026-01-02",0.01697,{"date":370,"score":342,"percentile":365},"2026-01-03",{"date":372,"score":342,"percentile":373},"2026-01-04",0.0166,{"date":375,"score":376,"percentile":377},"2026-01-05",0.00019,0.04077,{"date":379,"score":376,"percentile":380},"2026-01-06",0.04076,{"date":382,"score":376,"percentile":383},"2026-01-07",0.04096,{"date":385,"score":376,"percentile":386},"2026-01-08",0.04131,{"date":388,"score":376,"percentile":389},"2026-01-09",0.04136,{"date":391,"score":376,"percentile":392},"2026-01-10",0.04148,{"date":394,"score":376,"percentile":395},"2026-01-11",0.0413,{"date":397,"score":376,"percentile":398},"2026-01-12",0.04127,{"date":400,"score":376,"percentile":401},"2026-01-13",0.04119,{"date":403,"score":376,"percentile":404},"2026-01-14",0.04163,{"date":406,"score":376,"percentile":407},"2026-01-15",0.04089,{"date":409,"score":376,"percentile":410},"2026-01-16",0.0406,{"date":412,"score":376,"percentile":413},"2026-01-17",0.04061,{"date":415,"score":376,"percentile":416},"2026-01-18",0.04037,{"date":418,"score":376,"percentile":419},"2026-01-19",0.03987,{"date":421,"score":376,"percentile":422},"2026-01-20",0.03946,{"date":424,"score":376,"percentile":425},"2026-01-21",0.03933,{"date":427,"score":376,"percentile":428},"2026-01-22",0.03937,{"date":430,"score":376,"percentile":419},"2026-01-23",{"date":432,"score":376,"percentile":433},"2026-01-24",0.04028,{"date":435,"score":376,"percentile":436},"2026-01-25",0.04016,{"date":438,"score":376,"percentile":439},"2026-01-26",0.04004,{"date":441,"score":376,"percentile":442},"2026-01-27",0.0399,{"date":444,"score":376,"percentile":445},"2026-01-28",0.03973,{"date":447,"score":376,"percentile":448},"2026-01-29",0.03989,{"date":450,"score":376,"percentile":442},"2026-01-30",{"date":452,"score":376,"percentile":453},"2026-01-31",0.03974,{"date":455,"score":376,"percentile":456},"2026-02-01",0.04081,[458],{"source":151,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":459,"cvss_v4_0":9},{"baseScore":149,"baseSeverity":460,"vectorString":152,"impactScore":461,"exploitabilityScore":462},"MEDIUM",6,4.6,[464,473,504],{"ecosystem":9,"name":465,"vendor":466,"product":467,"cpe_part":468,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":469},"debian linux","debian","debian_linux","o",[470],{"version":471,"is_range":145,"range_type":472,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"11.0","cpe",{"ecosystem":9,"name":474,"vendor":475,"product":475,"cpe_part":476,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":477},"Linux","linux","a",[478,485,488,491,494,497,499,503],{"version":479,"is_range":480,"range_type":157,"version_start":481,"version_start_type":482,"version_end":483,"version_end_type":484,"fixed_in":9},">= 1397af5bfd7d32b0cf2adb70a78c9a9e8f11d912, \u003C a47ef874189d47f934d0809ae738886307c0ea22",true,"1397af5bfd7d32b0cf2adb70a78c9a9e8f11d912","including","a47ef874189d47f934d0809ae738886307c0ea22","excluding",{"version":486,"is_range":480,"range_type":157,"version_start":481,"version_start_type":482,"version_end":487,"version_end_type":484,"fixed_in":9},">= 1397af5bfd7d32b0cf2adb70a78c9a9e8f11d912, \u003C 76179961c423cd698080b5e4d5583cf7f4fcdde9","76179961c423cd698080b5e4d5583cf7f4fcdde9",{"version":489,"is_range":480,"range_type":157,"version_start":481,"version_start_type":482,"version_end":490,"version_end_type":484,"fixed_in":9},">= 1397af5bfd7d32b0cf2adb70a78c9a9e8f11d912, \u003C fc38c249c622ff5e3011b8845fd49dbfd9289afc","fc38c249c622ff5e3011b8845fd49dbfd9289afc",{"version":492,"is_range":480,"range_type":157,"version_start":481,"version_start_type":482,"version_end":493,"version_end_type":484,"fixed_in":9},">= 1397af5bfd7d32b0cf2adb70a78c9a9e8f11d912, \u003C 938ce0e8422d3793fe30df2ed0e37f6bc0598379","938ce0e8422d3793fe30df2ed0e37f6bc0598379",{"version":495,"is_range":480,"range_type":157,"version_start":481,"version_start_type":482,"version_end":496,"version_end_type":484,"fixed_in":9},">= 1397af5bfd7d32b0cf2adb70a78c9a9e8f11d912, \u003C 2d72afb340657f03f7261e9243b44457a9228ac7","2d72afb340657f03f7261e9243b44457a9228ac7",{"version":498,"is_range":145,"range_type":157,"version_start":498,"version_start_type":482,"version_end":498,"version_end_type":482,"fixed_in":9},"594cea2c09f7cd440d1ee1c4547d5bc6a646b0e4",{"version":500,"is_range":480,"range_type":157,"version_start":501,"version_start_type":482,"version_end":502,"version_end_type":484,"fixed_in":9},">= 5.18.13, \u003C 5.19","5.18.13","5.19",{"version":502,"is_range":145,"range_type":157,"version_start":502,"version_start_type":482,"version_end":502,"version_end_type":482,"fixed_in":9},{"ecosystem":9,"name":505,"vendor":475,"product":506,"cpe_part":468,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":507},"linux kernel","linux_kernel",[508,511,515,519,523,525,527,529,531,533],{"version":509,"is_range":480,"range_type":472,"version_start":501,"version_start_type":482,"version_end":510,"version_end_type":484,"fixed_in":9},"gte5.18.13_lt6.1.147","6.1.147",{"version":512,"is_range":480,"range_type":472,"version_start":513,"version_start_type":482,"version_end":514,"version_end_type":484,"fixed_in":9},"gte6.2_lt6.6.100","6.2","6.6.100",{"version":516,"is_range":480,"range_type":472,"version_start":517,"version_start_type":482,"version_end":518,"version_end_type":484,"fixed_in":9},"gte6.7_lt6.12.40","6.7","6.12.40",{"version":520,"is_range":480,"range_type":472,"version_start":521,"version_start_type":482,"version_end":522,"version_end_type":484,"fixed_in":9},"gte6.13_lt6.15.8","6.13","6.15.8",{"version":524,"is_range":145,"range_type":472,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.16:rc1",{"version":526,"is_range":145,"range_type":472,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.16:rc2",{"version":528,"is_range":145,"range_type":472,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.16:rc3",{"version":530,"is_range":145,"range_type":472,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.16:rc4",{"version":532,"is_range":145,"range_type":472,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.16:rc5",{"version":534,"is_range":145,"range_type":472,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.16:rc6"]