CVE-2025-38006

Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
18/06/2025
Last modified:
18/06/2025

Description

In the Linux kernel, the following vulnerability has been resolved:

net: mctp: Don't access ifa_index when missing

In mctp_dump_addrinfo, ifa_index can be used to filter interfaces, but only when the struct ifaddrmsg is provided. Otherwise it will be comparing to uninitialised memory - reproducible in the syzkaller case from dhcpd, or busybox "ip addr show".

The kernel MCTP implementation has always filtered by ifa_index, so existing userspace programs expecting to dump MCTP addresses must already be passing a valid ifa_index value (either 0 or a real index).

BUG: KMSAN: uninit-value in mctp_dump_addrinfo+0x208/0xac0 net/mctp/device.c:128
mctp_dump_addrinfo+0x208/0xac0 net/mctp/device.c:128
rtnl_dump_all+0x3ec/0x5b0 net/core/rtnetlink.c:4380
rtnl_dumpit+0xd5/0x2f0 net/core/rtnetlink.c:6824
netlink_dump+0x97b/0x1690 net/netlink/af_netlink.c:2309
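
The length check the description calls for, modelled in userspace as an added example (not the kernel's code or the upstream patch). The struct and function names are hypothetical, treating index 0 as "no filter" is an assumption, and the sample messages are constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Local stand-ins mirroring the uapi layouts of struct nlmsghdr and
 * struct ifaddrmsg, so the model builds without kernel headers. */
struct nl_hdr { uint32_t len; uint16_t type, flags; uint32_t seq, pid; };
struct ifaddr_req { uint8_t family, prefixlen, flags, scope; uint32_t index; };
#define NL_HDRLEN ((uint32_t)((sizeof(struct nl_hdr) + 3u) & ~(size_t)3u))

/* Constructed sample: an RTM_GETADDR dump request, with or without the
 * ifaddrmsg body. Returns the message length (nlmsg_len). */
size_t build_request(uint8_t *out, int with_body, uint32_t index)
{
    struct nl_hdr h = { .len = NL_HDRLEN, .type = 22 /* RTM_GETADDR */ };
    struct ifaddr_req req = { .family = 45 /* AF_MCTP */, .index = index };
    if (with_body) {
        memcpy(out + NL_HDRLEN, &req, sizeof(req));
        h.len += (uint32_t)sizeof(req);
    }
    memcpy(out, &h, sizeof(h));
    return h.len;
}

/* The flawed pattern: read the index without checking that the body exists.
 * For a header-only message this returns whatever bytes follow the header. */
uint32_t unchecked_ifindex(const uint8_t *buf)
{
    struct ifaddr_req req;
    memcpy(&req, buf + NL_HDRLEN, sizeof(req));
    return req.index;
}

/* Checked form: use the index only when the message really carries a full
 * ifaddrmsg. Returns 1 if a body was present, 0 if not; *ifindex is 0
 * (assumed to mean "no filter") when the body is missing or malformed. */
int checked_ifindex(const uint8_t *buf, size_t buflen, uint32_t *ifindex)
{
    struct nl_hdr h;
    struct ifaddr_req req;
    *ifindex = 0;
    if (buflen < NL_HDRLEN) return 0;
    memcpy(&h, buf, sizeof(h));
    if (h.len > buflen || h.len < NL_HDRLEN + sizeof(req)) return 0;
    memcpy(&req, buf + NL_HDRLEN, sizeof(req));
    *ifindex = req.index;
    return 1;
}
```

In this model the caller's buffer must be at least 24 bytes for `unchecked_ifindex`, so the stale bytes it reads stay inside the buffer; in the kernel the equivalent read lands on uninitialised memory, which is what KMSAN reported.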

Impact