Fixed
Created: Jul 28, 2025
Updated: Aug 28, 2025
Resolved Date: Aug 28, 2025
Found In Version: 10.22.33.1
Severity: Standard
Applicable for: Wind River Linux LTS 22
Component/s: Kernel
In the Linux kernel, the following vulnerability has been resolved:EOL][EOL]virtio-net: ensure the received length does not exceed allocated size[EOL][EOL]In xdp_linearize_page, when reading the following buffers from the ring,[EOL]we forget to check the received length with the true allocate size. This[EOL]can lead to an out-of-bound read. This commit adds that missing check.
CREATE(Triage):(User=admin) [CVE-2025-38375 (https://nvd.nist.gov/vuln/detail/CVE-2025-38375)
