CVE-2025-38432

Summary

In the Linux kernel, the following vulnerability has been resolved:

net: netpoll: Initialize UDP checksum field before checksumming

commit f1fce08e63fe ("netpoll: Eliminate redundant assignment") removed the initialization of the UDP checksum, which was wrong and broke netpoll IPv6 transmission due to bad checksumming.

udph->check needs to be set before calling csum_ipv6_magic().

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxf1fce08e63fe1a2a8b8106b93b7244a39830edae < 353016ec159f939a380ff6746476a779367ba9a3affected
LinuxLinuxf1fce08e63fe1a2a8b8106b93b7244a39830edae < f5990207026987a353d5a95204c4d9cb725637fdaffected
LinuxLinux6.15affected
LinuxLinux0 < 6.15unaffected
LinuxLinux6.15.5 <= 6.15.*unaffected
LinuxLinux6.16 <= *unaffected

Weaknesses

References