All of lore.kernel.org
 help / color / mirror / Atom feed
* [PATCH vulns] add a .vulnerable id for CVE-2025-38608
@ 2025-09-03  5:41 Hoyeon Lee
  2025-09-03 12:36 ` Greg KH
  0 siblings, 1 reply; 2+ messages in thread
From: Hoyeon Lee @ 2025-09-03  5:41 UTC (permalink / raw)
  To: cve; +Cc: gregkh, linux-kernel, Hoyeon Lee

The issue depends on bpf_msg_pop_data() helper, which was introduced
by commit 7246d8ed4dcc ("bpf: helper to pop data from messages"). Fixes
tag in commit 178f6a5c8cb3 ("bpf, ktls: Fix data corruption when using
bpf_msg_pop_data() in ktls") incorrectly points to commit d3b18ad31f93
("tls: add bpf support to sk_msg handling"), which does not provide this
helper. For this reason, the introduction of bpf_msg_pop_data() has been
chosen as the vulnerable point for CVE-2025-38608.

Signed-off-by: Hoyeon Lee <hoyeon.lee@suse.com>
---
 cve/published/2025/CVE-2025-38608.vulnerable | 1 +
 1 file changed, 1 insertion(+)
 create mode 100644 cve/published/2025/CVE-2025-38608.vulnerable

diff --git a/cve/published/2025/CVE-2025-38608.vulnerable b/cve/published/2025/CVE-2025-38608.vulnerable
new file mode 100644
index 000000000..f0336d0ed
--- /dev/null
+++ b/cve/published/2025/CVE-2025-38608.vulnerable
@@ -0,0 +1 @@
+7246d8ed4dcce23f7509949a77be15fa9f0e3d28
-- 
2.51.0


^ permalink raw reply related	[flat|nested] 2+ messages in thread
end of thread, other threads:[~2025-09-03 12:36 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2025-09-03  5:41 [PATCH vulns] add a .vulnerable id for CVE-2025-38608 Hoyeon Lee
2025-09-03 12:36 ` Greg KH

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.