CVE-2025-38472

EUVD-2025-22890

28.07.2025, 12:15

In the Linux kernel, the following vulnerability has been resolved:

netfilter: nf_conntrack: fix crash due to removal of uninitialised entry

A crash in conntrack was reported while trying to unlink the conntrack
entry from the hash bucket list:
    [exception RIP: __nf_ct_delete_from_lists+172]
    [..]
 #7 [ff539b5a2b043aa0] nf_ct_delete at ffffffffc124d421 [nf_conntrack]
 #8 [ff539b5a2b043ad0] nf_ct_gc_expired at ffffffffc124d999 [nf_conntrack]
 #9 [ff539b5a2b043ae0] __nf_conntrack_find_get at ffffffffc124efbc [nf_conntrack]
    [..]

The nf_conn struct is marked as allocated from slab but appears to be in
a partially initialised state:

 ct hlist pointer is garbage; looks like the ct hash value
 (hence crash).
 ct->status is equal to IPS_CONFIRMED|IPS_DYING, which is expected
 ct->timeout is 30000 (=30s), which is unexpected.

Everything else looks like normal udp conntrack entry.  If we ignore
ct->status and pretend its 0, the entry matches those that are newly
allocated but not yet inserted into the hash:
  - ct hlist pointers are overloaded and store/cache the raw tuple hash
  - ct->timeout matches the relative time expected for a new udp flow
    rather than the absolute 'jiffies' value.

If it were not for the presence of IPS_CONFIRMED,
__nf_conntrack_find_get() would have skipped the entry.

Theory is that we did hit following race:

cpu x 			cpu y			cpu z
 found entry E		found entry E
 E is expired		<preemption>
 nf_ct_delete()
 return E to rcu slab
					init_conntrack
					E is re-inited,
					ct->status set to 0
					reply tuplehash hnnode.pprev
					stores hash value.

cpu y found E right before it was deleted on cpu x.
E is now re-inited on cpu z.  cpu y was preempted before
checking for expiry and/or confirm bit.

					->refcnt set to 1
					E now owned by skb
					->timeout set to 30000

If cpu y were to resume now, it would observe E as
expired but would skip E due to missing CONFIRMED bit.

					nf_conntrack_confirm gets called
					sets: ct->status |= CONFIRMED
					This is wrong: E is not yet added
					to hashtable.

cpu y resumes, it observes E as expired but CONFIRMED:
			<resumes>
			nf_ct_expired()
			 -> yes (ct->timeout is 30s)
			confirmed bit set.

cpu y will try to delete E from the hashtable:
			nf_ct_delete() -> set DYING bit
			__nf_ct_delete_from_lists

Even this scenario doesn't guarantee a crash:
cpu z still holds the table bucket lock(s) so y blocks:

			wait for spinlock held by z

					CONFIRMED is set but there is no
					guarantee ct will be added to hash:
					"chaintoolong" or "clash resolution"
					logic both skip the insert step.
					reply hnnode.pprev still stores the
					hash value.

					unlocks spinlock
					return NF_DROP
			<unblocks, then
			 crashes on hlist_nulls_del_rcu pprev>

In case CPU z does insert the entry into the hashtable, cpu y will unlink
E again right away but no crash occurs.

Without 'cpu y' race, 'garbage' hlist is of no consequence:
ct refcnt remains at 1, eventually skb will be free'd and E gets
destroyed via: nf_conntrack_put -> nf_conntrack_destroy -> nf_ct_destroy.

To resolve this, move the IPS_CONFIRMED assignment after the table
insertion but before the unlock.

Pablo points out that the confirm-bit-store could be reordered to happen
before hlist add resp. the timeout fixup, so switch to set_bit and
before_atomic memory barrier to prevent this.

It doesn't matter if other CPUs can observe a newly inserted entry right
before the CONFIRMED bit was set:

Such event cannot be distinguished from above "E is the old incarnation"
case: the entry will be skipped.

Also change nf_ct_should_gc() to first check the confirmed bit.

The gc sequence is:
 1. Check if entry has expired, if not skip to next entry
 2. Obtain a reference to the expired entry.
 3. Call nf_ct_should_gc() to double-check step 1.

nf_ct_should_gc() is thus called only for entries that already failed an
expiry check. After this patch, once the confirmed bit check pas
---truncated---

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	5.5 MEDIUM	LOCAL	LOW	LOW	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Base Score

CVSS 3.x

EPSS Score

Percentile: 4%

Affected Products (NVD)

Vendor	Product	Version
linux	linux_kernel	5.18.13 ≤ 𝑥 < 6.1.147
linux	linux_kernel	6.2 ≤ 𝑥 < 6.6.100
linux	linux_kernel	6.7 ≤ 𝑥 < 6.12.40
linux	linux_kernel	6.13 ≤ 𝑥 < 6.15.8
linux	linux_kernel	6.16:rc1
linux	linux_kernel	6.16:rc2
linux	linux_kernel	6.16:rc3
linux	linux_kernel	6.16:rc4
linux	linux_kernel	6.16:rc5
linux	linux_kernel	6.16:rc6
debian	debian_linux	11.0

𝑥

= Vulnerable software versions

Debian Releases

Debian Product

Codename

linux

bookworm	6.1.159-1 fixed
bookworm (security)	6.1.162-1 fixed
bullseye	5.10.223-1 not-affected
bullseye (security)	5.10.249-1 fixed
forky	6.18.9-1 fixed
sid	6.18.12-1 fixed
trixie	6.12.63-1 fixed
trixie (security)	6.12.73-1 fixed

linux-6.1

bullseye (security)

6.1.162-1~deb11u1

fixed

Ubuntu Releases

Ubuntu Product

Codename

linux-hwe

bionic	ignored
focal	dne
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	not-affected

linux-hwe-5.4

bionic	not-affected
focal	dne
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-hwe-5.8

bionic	dne
focal	ignored
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-hwe-5.11

bionic	dne
focal	ignored
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-hwe-5.13

bionic	dne
focal	ignored
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-hwe-5.15

bionic	dne
focal	not-affected
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-hwe-5.19

bionic	dne
focal	dne
jammy	ignored
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-hwe-6.2

bionic	dne
focal	dne
jammy	ignored
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-hwe-6.5

bionic	dne
focal	dne
jammy	ignored
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-hwe-6.8

bionic	dne
focal	dne
jammy	Fixed 6.8.0-100.100~22.04.1 released
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-hwe-6.11

bionic	dne
focal	dne
jammy	dne
noble	ignored
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-hwe-6.14

bionic	dne
focal	dne
jammy	dne
noble	not-affected
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-hwe-edge

bionic	ignored
focal	dne
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	ignored

linux-lts-xenial

bionic	dne
focal	dne
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	not-affected
xenial	dne

linux-kvm

bionic	not-affected
focal	not-affected
jammy	not-affected
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	not-affected

linux-allwinner-5.19

bionic	dne
focal	dne
jammy	ignored
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-aws-5.0

bionic	ignored
focal	dne
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-aws-5.3

bionic	ignored
focal	dne
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-aws-5.4

bionic	not-affected
focal	dne
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-aws-5.8

bionic	dne
focal	ignored
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-aws-5.11

bionic	dne
focal	ignored
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-aws-5.13

bionic	dne
focal	ignored
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-aws-5.15

bionic	dne
focal	not-affected
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-aws-5.19

bionic	dne
focal	dne
jammy	ignored
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-aws-6.2

bionic	dne
focal	dne
jammy	ignored
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-aws-6.5

bionic	dne
focal	dne
jammy	ignored
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-aws-6.8

bionic	dne
focal	dne
jammy	Fixed 6.8.0-1046.49~22.04.1 released
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-aws-6.14

bionic	dne
focal	dne
jammy	dne
noble	Fixed 6.14.0-1017.17~24.04.1 released
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-aws-hwe

bionic	dne
focal	dne
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	not-affected

linux-azure

bionic	ignored
focal	not-affected
jammy	not-affected
noble	pending
plucky	Fixed 6.14.0-1017.17 released
questing	not-affected
trusty	not-affected
xenial	not-affected

linux-azure-4.15

bionic	not-affected
focal	dne
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-azure-5.3

bionic	ignored
focal	dne
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-azure-5.4

bionic	not-affected
focal	dne
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-azure-5.8

bionic	dne
focal	ignored
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-azure-5.11

bionic	dne
focal	ignored
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-azure-5.13

bionic	dne
focal	ignored
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-azure-5.15

bionic	dne
focal	not-affected
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-azure-5.19

bionic	dne
focal	dne
jammy	ignored
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-azure-6.2

bionic	dne
focal	dne
jammy	ignored
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-azure-6.5

bionic	dne
focal	dne
jammy	ignored
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-azure-6.8

bionic	dne
focal	dne
jammy	pending
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-azure-6.11

bionic	dne
focal	dne
jammy	dne
noble	ignored
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-azure-fde

bionic	dne
focal	ignored
jammy	not-affected
noble	needed
plucky	ignored
questing	needs-triage
trusty	dne
xenial	dne

linux-azure-fde-5.15

bionic	dne
focal	not-affected
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-azure-fde-5.19

bionic	dne
focal	dne
jammy	ignored
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-azure-fde-6.2

bionic	dne
focal	dne
jammy	ignored
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-azure-nvidia

bionic	dne
focal	dne
jammy	dne
noble	pending
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-bluefield

bionic	dne
focal	not-affected
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-azure-edge

bionic	ignored
focal	dne
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-fips

bionic	not-affected
focal	not-affected
jammy	not-affected
noble	Fixed 6.8.0-100.100+fips1 released
plucky	dne
questing	dne
trusty	dne
xenial	not-affected

linux-aws-fips

bionic	not-affected
focal	not-affected
jammy	not-affected
noble	Fixed 6.8.0-1046.49+fips1 released
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-azure-fips

bionic	not-affected
focal	not-affected
jammy	not-affected
noble	pending
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-gcp-fips

bionic	not-affected
focal	not-affected
jammy	not-affected
noble	Fixed 6.8.0-1047.50+fips1 released
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-gcp

bionic	ignored
focal	not-affected
jammy	not-affected
noble	Fixed 6.8.0-1047.50 released
plucky	Fixed 6.14.0-1020.21 released
questing	not-affected
trusty	dne
xenial	not-affected

linux-gcp-4.15

bionic	not-affected
focal	dne
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-gcp-5.3

bionic	ignored
focal	dne
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-gcp-5.4

bionic	not-affected
focal	dne
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-gcp-5.8

bionic	dne
focal	ignored
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-gcp-5.11

bionic	dne
focal	ignored
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-gcp-5.13

bionic	dne
focal	ignored
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-gcp-5.15

bionic	dne
focal	not-affected
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-gcp-5.19

bionic	dne
focal	dne
jammy	ignored
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-gcp-6.2

bionic	dne
focal	dne
jammy	ignored
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-gcp-6.5

bionic	dne
focal	dne
jammy	ignored
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-gcp-6.8

bionic	dne
focal	dne
jammy	Fixed 6.8.0-1047.50~22.04.2 released
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-gcp-6.11

bionic	dne
focal	dne
jammy	dne
noble	ignored
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-gcp-6.14

bionic	dne
focal	dne
jammy	dne
noble	Fixed 6.14.0-1020.21~24.04.1 released
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-gke

bionic	dne
focal	ignored
jammy	not-affected
noble	Fixed 6.8.0-1043.48 released
plucky	dne
questing	dne
trusty	dne
xenial	ignored

linux-gke-4.15

bionic	ignored
focal	dne
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-gke-5.4

bionic	ignored
focal	dne
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-gke-5.15

bionic	dne
focal	ignored
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-gkeop

bionic	dne
focal	ignored
jammy	not-affected
noble	Fixed 6.8.0-1030.33 released
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-gkeop-5.4

bionic	ignored
focal	dne
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-gkeop-5.15

bionic	dne
focal	ignored
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-ibm

bionic	dne
focal	not-affected
jammy	not-affected
noble	pending
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-ibm-5.4

bionic	not-affected
focal	dne
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-ibm-5.15

bionic	dne
focal	not-affected
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-ibm-6.8

bionic	dne
focal	dne
jammy	pending
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-intel-5.13

bionic	dne
focal	ignored
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-intel-iotg

bionic	dne
focal	dne
jammy	not-affected
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-intel-iotg-5.15

bionic	dne
focal	not-affected
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-iot

bionic	dne
focal	not-affected
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-intel-iot-realtime

bionic	dne
focal	dne
jammy	not-affected
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-lowlatency

bionic	dne
focal	dne
jammy	not-affected
noble	Fixed 6.8.0-100.100.1 released
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-lowlatency-hwe-5.15

bionic	dne
focal	not-affected
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-lowlatency-hwe-5.19

bionic	dne
focal	dne
jammy	ignored
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-lowlatency-hwe-6.2

bionic	dne
focal	dne
jammy	ignored
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-lowlatency-hwe-6.5

bionic	dne
focal	dne
jammy	ignored
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-lowlatency-hwe-6.8

bionic	dne
focal	dne
jammy	Fixed 6.8.0-100.100.1~22.04.1 released
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-lowlatency-hwe-6.11

bionic	dne
focal	dne
jammy	dne
noble	ignored
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-nvidia

bionic	dne
focal	dne
jammy	not-affected
noble	Fixed 6.8.0-1046.49 released
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-nvidia-6.2

bionic	dne
focal	dne
jammy	ignored
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-nvidia-6.5

bionic	dne
focal	dne
jammy	ignored
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-nvidia-6.8

bionic	dne
focal	dne
jammy	Fixed 6.8.0-1046.49~22.04.1 released
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-nvidia-lowlatency

bionic	dne
focal	dne
jammy	dne
noble	Fixed 6.8.0-1046.49.1 released
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-nvidia-tegra

bionic	dne
focal	dne
jammy	not-affected
noble	pending
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-nvidia-tegra-5.15

bionic	dne
focal	not-affected
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-nvidia-tegra-igx

bionic	dne
focal	dne
jammy	not-affected
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-oracle-5.0

bionic	ignored
focal	dne
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-oracle-5.3

bionic	ignored
focal	dne
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-oracle-5.4

bionic	not-affected
focal	dne
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-oracle-5.8

bionic	dne
focal	ignored
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-oracle-5.11

bionic	dne
focal	ignored
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-oracle-5.13

bionic	dne
focal	ignored
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-oracle-5.15

bionic	dne
focal	not-affected
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-oracle-6.5

bionic	dne
focal	dne
jammy	ignored
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-oracle-6.8

bionic	dne
focal	dne
jammy	Fixed 6.8.0-1043.44~22.04.1 released
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-oracle-6.14

bionic	dne
focal	dne
jammy	dne
noble	Fixed 6.14.0-1017.17~24.04.1 released
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-oem

bionic	ignored
focal	dne
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	ignored

linux-oem-5.6

bionic	dne
focal	ignored
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-oem-5.10

bionic	dne
focal	ignored
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-oem-5.13

bionic	dne
focal	ignored
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-oem-5.14

bionic	dne
focal	ignored
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-oem-5.17

bionic	dne
focal	dne
jammy	ignored
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-oem-6.0

bionic	dne
focal	dne
jammy	ignored
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-oem-6.1

bionic	dne
focal	dne
jammy	ignored
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-oem-6.5

bionic	dne
focal	dne
jammy	ignored
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-oem-6.8

bionic	dne
focal	dne
jammy	dne
noble	ignored
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-oem-6.11

bionic	dne
focal	dne
jammy	dne
noble	ignored
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-oem-6.14

bionic	dne
focal	dne
jammy	dne
noble	Fixed 6.14.0-1016.16 released
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-raspi2

bionic	ignored
focal	ignored
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	ignored

linux-raspi-5.4

bionic	not-affected
focal	dne
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-raspi-realtime

bionic	dne
focal	dne
jammy	dne
noble	Fixed 6.8.0-2037.38 released
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-riscv

bionic	dne
focal	ignored
jammy	ignored
noble	ignored
plucky	Fixed 6.14.0-36.36.1 released
questing	not-affected
trusty	dne
xenial	dne

linux-riscv-5.8

bionic	dne
focal	ignored
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-riscv-5.11

bionic	dne
focal	ignored
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-riscv-5.15

bionic	dne
focal	not-affected
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-riscv-5.19

bionic	dne
focal	dne
jammy	ignored
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-riscv-6.5

bionic	dne
focal	dne
jammy	ignored
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-riscv-6.8

bionic	dne
focal	dne
jammy	Fixed 6.8.0-100.100~22.04.1 released
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-riscv-6.14

bionic	dne
focal	dne
jammy	dne
noble	Fixed 6.14.0-36.36.1~24.04.1 released
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-starfive-5.19

bionic	dne
focal	dne
jammy	ignored
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-starfive-6.2

bionic	dne
focal	dne
jammy	ignored
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-starfive-6.5

bionic	dne
focal	dne
jammy	ignored
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-xilinx-zynqmp

bionic	dne
focal	not-affected
jammy	not-affected
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux

bionic	not-affected
focal	not-affected
jammy	not-affected
noble	Fixed 6.8.0-100.100 released
plucky	Fixed 6.14.0-36.36 released
questing	not-affected
trusty	not-affected
xenial	not-affected

linux-aws

bionic	not-affected
focal	not-affected
jammy	not-affected
noble	Fixed 6.8.0-1046.49 released
plucky	Fixed 6.14.0-1017.17 released
questing	not-affected
trusty	not-affected
xenial	not-affected

linux-oracle

bionic	not-affected
focal	not-affected
jammy	not-affected
noble	Fixed 6.8.0-1043.44 released
plucky	Fixed 6.14.0-1017.17 released
questing	not-affected
trusty	dne
xenial	not-affected

linux-raspi

bionic	dne
focal	not-affected
jammy	not-affected
noble	Fixed 6.8.0-1047.51 released
plucky	Fixed 6.14.0-1018.18 released
questing	not-affected
trusty	dne
xenial	dne

linux-realtime

bionic	dne
focal	dne
jammy	not-affected
noble	Fixed 6.8.1-1041.42 released
plucky	Fixed 6.14.0-1016.16 released
questing	not-affected
trusty	dne
xenial	dne

linux-intel

bionic	dne
focal	dne
jammy	dne
noble	ignored
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-nvidia-6.11

bionic	dne
focal	dne
jammy	dne
noble	ignored
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-realtime-6.14

bionic	dne
focal	dne
jammy	dne
noble	Fixed 6.14.0-1016.16~24.04.1 released
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-realtime-6.8

bionic	dne
focal	dne
jammy	Fixed 6.8.1-1041.42~22.04.1 released
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-azure-6.14

bionic	dne
focal	dne
jammy	dne
noble	Fixed 6.14.0-1017.17~24.04.1 released
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-azure-fde-6.14

bionic	dne
focal	dne
jammy	dne
noble	needed
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-azure-nvidia-6.14

bionic	dne
focal	dne
jammy	dne
noble	pending
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-xilinx

bionic	dne
focal	dne
jammy	dne
noble	pending
plucky	ignored
questing	dne
trusty	dne
xenial	dne

linux-oem-6.17

bionic	dne
focal	dne
jammy	dne
noble	not-affected
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-azure-fde-6.8

bionic	dne
focal	dne
jammy	needed
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-aws-6.17

bionic	dne
focal	dne
jammy	dne
noble	not-affected
questing	dne
trusty	dne
xenial	dne

linux-gcp-6.17

bionic	dne
focal	dne
jammy	dne
noble	not-affected
questing	dne
trusty	dne
xenial	dne

linux-hwe-6.17

bionic	dne
focal	dne
jammy	dne
noble	not-affected
questing	dne
trusty	dne
xenial	dne

linux-oracle-6.17

bionic	dne
focal	dne
jammy	dne
noble	not-affected
questing	dne
trusty	dne
xenial	dne

linux-riscv-6.17

bionic	dne
focal	dne
jammy	dne
noble	not-affected
questing	dne
trusty	dne
xenial	dne

Common Weakness Enumeration

CWE-908 - Use of Uninitialized Resource
The software uses or accesses a resource that has not been initialized.

References

https://git.kernel.org/stable/c/2d72afb340657f03f7261e9243b44457a9228ac7

https://git.kernel.org/stable/c/76179961c423cd698080b5e4d5583cf7f4fcdde9

https://git.kernel.org/stable/c/938ce0e8422d3793fe30df2ed0e37f6bc0598379

https://git.kernel.org/stable/c/a47ef874189d47f934d0809ae738886307c0ea22

https://git.kernel.org/stable/c/fc38c249c622ff5e3011b8845fd49dbfd9289afc

https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html