[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-DEBIAN-CVE-2025-38471":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T08:53:30.047Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":16,"duplicates":23,"related":24,"reserved_at":9,"published_at":25,"modified_at":26,"state":9,"summary":27,"references_raw":29,"kevs":36,"epss":9,"epss_history":37,"metrics":38,"affected":45},"DEBIAN-CVE-2025-38471","In the Linux kernel, the following vulnerability has been resolved:  tls: always refresh the queue when reading sock  After recent changes in net-next TCP compacts skbs much more aggressively. This unearthed a bug in TLS where we may try to operate on an old skb when checking if all skbs in the queue have matching decrypt state and geometry.      BUG: KASAN: slab-use-after-free in tls_strp_check_rcv+0x898/0x9a0 [tls]     (net/tls/tls_strp.c:436 net/tls/tls_strp.c:530 net/tls/tls_strp.c:544)     Read of size 4 at addr ffff888013085750 by task tls/13529      CPU: 2 UID: 0 PID: 13529 Comm: tls Not tainted 6.16.0-rc5-virtme     Call Trace:      kasan_report+0xca/0x100      tls_strp_check_rcv+0x898/0x9a0 [tls]      tls_rx_rec_wait+0x2c9/0x8d0 [tls]      tls_sw_recvmsg+0x40f/0x1aa0 [tls]      inet_recvmsg+0x1c3/0x1f0  Always reload the queue, fast path is to have the record in the queue when we wake, anyway (IOW the path going down \"if !strp->stm.full_len\").",null,[],[],[],[14],{"_key":15},"CVE-2025-38471",[17,19,21],{"_key":18},"DLA-4328-1",{"_key":20},"DSA-5973-1",{"_key":22},"DSA-5975-1",[],[],"2025-07-28T12:15:28.890Z","2026-04-28T20:29:58.750972Z",{"cisa_kev":28,"cisa_ransomware":28,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[30],{"url":31,"sources":32,"tags":34},"https://security-tracker.debian.org/tracker/CVE-2025-38471",[33],"osv_debian",[35],"Advisory",[],[],[39],{"source":33,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":40,"cvss_v4_0":9},{"baseScore":41,"baseSeverity":9,"vectorString":42,"impactScore":43,"exploitabilityScore":44},7.8,"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",9.8,4.6,[46,64],{"ecosystem":47,"name":48,"vendor":49,"product":48,"cpe_part":9,"purl_type":50,"purl_namespace":49,"purl_name":48,"source":9,"versions":51},"Debian","linux","debian","deb",[52,58,61],{"version":53,"is_range":54,"range_type":55,"version_start":9,"version_start_type":9,"version_end":56,"version_end_type":57,"fixed_in":9},"lt6_1_147_1",true,"ecosystem","6.1.147-1","excluding",{"version":59,"is_range":54,"range_type":55,"version_start":9,"version_start_type":9,"version_end":60,"version_end_type":57,"fixed_in":9},"lt6_12_41_1","6.12.41-1",{"version":62,"is_range":54,"range_type":55,"version_start":9,"version_start_type":9,"version_end":63,"version_end_type":57,"fixed_in":9},"lt6_16_3_1","6.16.3-1",{"ecosystem":47,"name":65,"vendor":49,"product":65,"cpe_part":9,"purl_type":50,"purl_namespace":49,"purl_name":65,"source":9,"versions":66},"linux-6.1",[67],{"version":68,"is_range":54,"range_type":55,"version_start":9,"version_start_type":9,"version_end":69,"version_end_type":57,"fixed_in":9},"lt6_1_153_1~deb11u1","6.1.153-1~deb11u1"]