[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-DEBIAN-CVE-2025-38591":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T08:53:30.047Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":16,"duplicates":25,"related":26,"reserved_at":9,"published_at":27,"modified_at":28,"state":9,"summary":29,"references_raw":31,"kevs":38,"epss":9,"epss_history":39,"metrics":40,"affected":47},"DEBIAN-CVE-2025-38591","In the Linux kernel, the following vulnerability has been resolved:  bpf: Reject narrower access to pointer ctx fields  The following BPF program, simplified from a syzkaller repro, causes a kernel warning:      r0 = *(u8 *)(r1 + 169);     exit;  With pointer field sk being at offset 168 in __sk_buff. This access is detected as a narrower read in bpf_skb_is_valid_access because it doesn't match offsetof(struct __sk_buff, sk). It is therefore allowed and later proceeds to bpf_convert_ctx_access. Note that for the \"is_narrower_load\" case in the convert_ctx_accesses(), the insn->off is aligned, so the cnt may not be 0 because it matches the offsetof(struct __sk_buff, sk) in the bpf_convert_ctx_access. However, the target_size stays 0 and the verifier errors with a kernel warning:      verifier bug: error during ctx access conversion(1)  This patch fixes that to return a proper \"invalid bpf_context access off=X size=Y\" error on the load instruction.  The same issue affects multiple other fields in context structures that allow narrow access. Some other non-affected fields (for sk_msg, sk_lookup, and sockopt) were also changed to use bpf_ctx_range_ptr for consistency.  Note this syzkaller crash was reported in the \"Closes\" link below, which used to be about a different bug, fixed in commit fce7bd8e385a (\"bpf/verifier: Handle BPF_LOAD_ACQ instructions in insn_def_regno()\"). Because syzbot somehow confused the two bugs, the new crash and repro didn't get reported to the mailing list.",null,[],[],[],[14],{"_key":15},"CVE-2025-38591",[17,19,21,23],{"_key":18},"DLA-4476-1",{"_key":20},"DLA-4475-1",{"_key":22},"DSA-6126-1",{"_key":24},"DSA-6127-1",[],[],"2025-08-19T17:15:36.790Z","2026-04-28T20:30:00.776255Z",{"cisa_kev":30,"cisa_ransomware":30,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[32],{"url":33,"sources":34,"tags":36},"https://security-tracker.debian.org/tracker/CVE-2025-38591",[35],"osv_debian",[37],"Advisory",[],[],[41],{"source":35,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":42,"cvss_v4_0":9},{"baseScore":43,"baseSeverity":9,"vectorString":44,"impactScore":45,"exploitabilityScore":46},5.5,"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",6,4.6,[48,73],{"ecosystem":49,"name":50,"vendor":51,"product":50,"cpe_part":9,"purl_type":52,"purl_namespace":51,"purl_name":50,"source":9,"versions":53},"Debian","linux","debian","deb",[54,58,59,60,64,67,70],{"version":55,"is_range":56,"range_type":57,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"all",true,"ecosystem",{"version":55,"is_range":56,"range_type":57,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"version":55,"is_range":56,"range_type":57,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"version":61,"is_range":56,"range_type":57,"version_start":9,"version_start_type":9,"version_end":62,"version_end_type":63,"fixed_in":9},"lt5_10_249_1","5.10.249-1","excluding",{"version":65,"is_range":56,"range_type":57,"version_start":9,"version_start_type":9,"version_end":66,"version_end_type":63,"fixed_in":9},"lt6_1_162_1","6.1.162-1",{"version":68,"is_range":56,"range_type":57,"version_start":9,"version_start_type":9,"version_end":69,"version_end_type":63,"fixed_in":9},"lt6_12_69_1","6.12.69-1",{"version":71,"is_range":56,"range_type":57,"version_start":9,"version_start_type":9,"version_end":72,"version_end_type":63,"fixed_in":9},"lt6_16_3_1","6.16.3-1",{"ecosystem":49,"name":74,"vendor":51,"product":74,"cpe_part":9,"purl_type":52,"purl_namespace":51,"purl_name":74,"source":9,"versions":75},"linux-6.1",[76,77],{"version":55,"is_range":56,"range_type":57,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"version":78,"is_range":56,"range_type":57,"version_start":9,"version_start_type":9,"version_end":79,"version_end_type":63,"fixed_in":9},"lt6_1_162_1~deb11u1","6.1.162-1~deb11u1"]