Unrated severityNVD Advisory· Published Jul 3, 2025· Updated Mar 25, 2026

netfilter: nft_set_pipapo: prevent overflow in lookup table allocation

CVE-2025-38162

Description

In the Linux kernel, the following vulnerability has been resolved:

When calculating the lookup table size, ensure the following multiplication does not overflow:

- desc->field_len[] maximum value is U8_MAX multiplied by NFT_PIPAPO_GROUPS_PER_BYTE(f) that can be 2, worst case. - NFT_PIPAPO_BUCKETS(f->bb) is 2^8, worst case. - sizeof(unsigned long), from sizeof(*f->lt), lt in struct nft_pipapo_field.

Then, use check_mul_overflow() to multiply by bucket size and then use check_add_overflow() to the alignment for avx2 (if needed). Finally, add lt_size_check_overflow() helper and use it to consolidate this.

While at it, replace leftover allocation using the GFP_KERNEL to GFP_KERNEL_ACCOUNT for consistency, in pipapo_resize().

Affected products

Linux/Linux Kernel Rtllm-fuzzy
osv-coords78 versions
pkg:rpm/opensuse/dtb-aarch64&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-64kb&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-azure&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-debug&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-default-base&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-default&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-docs&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-kvmsmall&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-obs-build&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-obs-qa&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-rt_debug&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-rt&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-source-azure&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-source&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-source-rt&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-syms-azure&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-syms&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-syms-rt&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-zfcpdump&distro=openSUSE%20Leap%2015.6 pkg:rpm/suse/kernel-64kb&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP6 pkg:rpm/suse/kernel-64kb&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP7 pkg:rpm/suse/kernel-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP6 pkg:rpm/suse/kernel-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP7 pkg:rpm/suse/kernel-coco_debug&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Confidential%20Computing%20Technical%20Preview%2015%20SP6 pkg:rpm/suse/kernel-coco&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Confidential%20Computing%20Technical%20Preview%2015%20SP6 pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP6 pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP7 pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Micro%206.0 pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Micro%206.1 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2015%20SP6 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2015%20SP7 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP6 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP7 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP6 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP7 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Legacy%2015%20SP6 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Legacy%2015%20SP7 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015%20SP6 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015%20SP7 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Micro%206.0 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Micro%206.1 pkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP6 pkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP7 pkg:rpm/suse/kernel-kvmsmall&distro=SUSE%20Linux%20Micro%206.0 pkg:rpm/suse/kernel-kvmsmall&distro=SUSE%20Linux%20Micro%206.1 pkg:rpm/suse/kernel-livepatch-SLE15-SP6-RT_Update_14&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP6 pkg:rpm/suse/kernel-livepatch-SLE15-SP6_Update_14&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP6 pkg:rpm/suse/kernel-livepatch-SLE15-SP7-RT_Update_3&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP7 pkg:rpm/suse/kernel-livepatch-SLE15-SP7_Update_3&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP7 pkg:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP6 pkg:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP7 pkg:rpm/suse/kernel-rt_debug&distro=SUSE%20Real%20Time%20Module%2015%20SP6 pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Micro%206.0 pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Micro%206.1 pkg:rpm/suse/kernel-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP6 pkg:rpm/suse/kernel-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP7 pkg:rpm/suse/kernel-source-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP6 pkg:rpm/suse/kernel-source-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP7 pkg:rpm/suse/kernel-source-coco&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Confidential%20Computing%20Technical%20Preview%2015%20SP6 pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP6 pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP7 pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP6 pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP7 pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Micro%206.0 pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Micro%206.1 pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Micro%206.0 pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Micro%206.1 pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP6 pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP7 pkg:rpm/suse/kernel-syms-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP6 pkg:rpm/suse/kernel-syms-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP7 pkg:rpm/suse/kernel-syms-coco&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Confidential%20Computing%20Technical%20Preview%2015%20SP6 pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP6 pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP7 pkg:rpm/suse/kernel-syms-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP6 pkg:rpm/suse/kernel-syms-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP7 pkg:rpm/suse/kernel-zfcpdump&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP6 pkg:rpm/suse/kernel-zfcpdump&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP7
< 6.4.0-150600.23.65.1+ 77 more
- (no CPE)range: < 6.4.0-150600.23.65.1
- (no CPE)range: < 6.4.0-150600.23.65.1
- (no CPE)range: < 6.4.0-150600.8.48.1
- (no CPE)range: < 6.4.0-150600.23.65.1
- (no CPE)range: < 6.4.0-150600.23.65.1.150600.12.28.4
- (no CPE)range: < 6.4.0-150600.23.65.1
- (no CPE)range: < 6.4.0-150600.23.65.1
- (no CPE)range: < 6.4.0-150600.23.65.1
- (no CPE)range: < 6.4.0-150600.23.65.1
- (no CPE)range: < 6.4.0-150600.23.65.1
- (no CPE)range: < 6.4.0-150600.10.49.1
- (no CPE)range: < 6.4.0-150600.10.49.1
- (no CPE)range: < 6.4.0-150600.8.48.1
- (no CPE)range: < 6.4.0-150600.23.65.1
- (no CPE)range: < 6.4.0-150600.10.49.1
- (no CPE)range: < 6.4.0-150600.8.48.1
- (no CPE)range: < 6.4.0-150600.23.65.1
- (no CPE)range: < 6.4.0-150600.10.49.1
- (no CPE)range: < 6.4.0-150600.23.65.1
- (no CPE)range: < 6.4.0-150600.23.65.1
- (no CPE)range: < 6.4.0-150700.53.11.1
- (no CPE)range: < 6.4.0-150600.8.48.1
- (no CPE)range: < 6.4.0-150700.20.11.1
- (no CPE)range: < 6.4.0-15061.28.coco15sp6.1
- (no CPE)range: < 6.4.0-15061.28.coco15sp6.1
- (no CPE)range: < 6.4.0-150600.23.65.1.150600.12.28.4
- (no CPE)range: < 6.4.0-150700.53.11.1.150700.17.9.4
- (no CPE)range: < 6.4.0-32.1.21.10
- (no CPE)range: < 6.4.0-32.1.21.10
- (no CPE)range: < 6.4.0-150600.23.65.1
- (no CPE)range: < 6.4.0-150700.53.11.1
- (no CPE)range: < 6.4.0-150600.23.65.1
- (no CPE)range: < 6.4.0-150700.53.11.1
- (no CPE)range: < 6.4.0-150600.23.65.1
- (no CPE)range: < 6.4.0-150700.53.11.1
- (no CPE)range: < 6.4.0-150600.23.65.1
- (no CPE)range: < 6.4.0-150700.53.11.1
- (no CPE)range: < 6.4.0-150600.23.65.1
- (no CPE)range: < 6.4.0-150700.53.11.1
- (no CPE)range: < 6.4.0-32.1
- (no CPE)range: < 6.4.0-32.1
- (no CPE)range: < 6.4.0-150600.23.65.1
- (no CPE)range: < 6.4.0-150700.53.11.3
- (no CPE)range: < 6.4.0-32.1
- (no CPE)range: < 6.4.0-32.1
- (no CPE)range: < 1-150600.1.5.1
- (no CPE)range: < 1-150600.13.3.4
- (no CPE)range: < 1-150700.1.5.1
- (no CPE)range: < 1-150700.15.3.4
- (no CPE)range: < 6.4.0-150600.23.65.1
- (no CPE)range: < 6.4.0-150700.53.11.1
- (no CPE)range: < 6.4.0-150600.10.49.1
- (no CPE)range: < 6.4.0-35.1
- (no CPE)range: < 6.4.0-35.1
- (no CPE)range: < 6.4.0-150600.10.49.1
- (no CPE)range: < 6.4.0-150700.7.13.1
- (no CPE)range: < 6.4.0-150600.8.48.1
- (no CPE)range: < 6.4.0-150700.20.11.1
- (no CPE)range: < 6.4.0-15061.28.coco15sp6.1
- (no CPE)range: < 6.4.0-150600.23.65.1
- (no CPE)range: < 6.4.0-150700.53.11.1
- (no CPE)range: < 6.4.0-150600.23.65.1
- (no CPE)range: < 6.4.0-150700.53.11.1
- (no CPE)range: < 6.4.0-32.1
- (no CPE)range: < 6.4.0-32.1
- (no CPE)range: < 6.4.0-35.1
- (no CPE)range: < 6.4.0-35.1
- (no CPE)range: < 6.4.0-150600.10.49.1
- (no CPE)range: < 6.4.0-150700.7.13.1
- (no CPE)range: < 6.4.0-150600.8.48.1
- (no CPE)range: < 6.4.0-150700.20.11.1
- (no CPE)range: < 6.4.0-15061.28.coco15sp6.1
- (no CPE)range: < 6.4.0-150600.23.65.1
- (no CPE)range: < 6.4.0-150700.53.11.1
- (no CPE)range: < 6.4.0-150600.10.49.1
- (no CPE)range: < 6.4.0-150700.7.13.1
- (no CPE)range: < 6.4.0-150600.23.65.1
- (no CPE)range: < 6.4.0-150700.53.11.1
Linux/Linuxcpe-rescue
Range: 5.6

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000