CVE-2025-38201

{"id": "CVE-2025-38201", "cveTags": [], "metrics": {}, "published": "2025-07-04T14:15:28.000", "references": [{"url": "https://git.kernel.org/stable/c/0ab3de047808f375a36cd345225572eb3366f3c6", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/b85e3367a5716ed3662a4fe266525190d2af76df", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/d2768016f091f8a5264076b433fd7c3fabb6eb97", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}], "vulnStatus": "Awaiting Analysis", "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_set_pipapo: clamp maximum map bucket size to INT_MAX\n\nOtherwise, it is possible to hit WARN_ON_ONCE in __kvmalloc_node_noprof()\nwhen resizing hashtable because __GFP_NOWARN is unset.\n\nSimilar to:\n\n b541ba7d1f5a (\"netfilter: conntrack: clamp maximum hashtable size to INT_MAX\")"}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: netfilter: nft_set_pipapo: fijar el tama\u00f1o m\u00e1ximo del contenedor de mapas a INT_MAX. De lo contrario, es posible que se active WARN_ON_ONCE en __kvmalloc_node_noprof() al redimensionar la tabla hash porque __GFP_NOWARN no est\u00e1 configurado. Similar a: b541ba7d1f5a (\"netfilter: conntrack: fijar el tama\u00f1o m\u00e1ximo de la tabla hash a INT_MAX\")"}], "lastModified": "2025-07-08T16:18:53.607", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}