{"id":"CVE-2025-38618","summary":"vsock: Do not allow binding to VMADDR_PORT_ANY","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nvsock: Do not allow binding to VMADDR_PORT_ANY\n\nIt is possible for a vsock to autobind to VMADDR_PORT_ANY. This can\ncause a use-after-free when a connection is made to the bound socket.\nThe socket returned by accept() also has port VMADDR_PORT_ANY but is not\non the list of unbound sockets. Binding it will result in an extra\nrefcount decrement similar to the one fixed in fcdd2242c023 (vsock: Keep\nthe binding until socket destruction).\n\nModify the check in __vsock_bind_connectible() to also prevent binding\nto VMADDR_PORT_ANY.","aliases":["A-439253642","ASB-A-439253642"],"modified":"2026-04-16T04:38:02.439984589Z","published":"2025-08-22T13:01:24.678Z","related":["SUSE-SU-2025:03204-1","SUSE-SU-2025:03272-1","SUSE-SU-2025:03283-1","SUSE-SU-2025:03290-1","SUSE-SU-2025:03301-1","SUSE-SU-2025:03310-1","SUSE-SU-2025:03314-1","SUSE-SU-2025:03344-1","SUSE-SU-2025:03382-1","SUSE-SU-2025:03383-1","SUSE-SU-2025:03384-1","SUSE-SU-2025:03602-1","SUSE-SU-2025:03633-1","SUSE-SU-2025:03634-1","SUSE-SU-2025:20653-1","SUSE-SU-2025:20669-1","SUSE-SU-2025:20739-1","SUSE-SU-2025:20756-1","SUSE-SU-2025:20939-1","SUSE-SU-2025:20940-1","SUSE-SU-2025:20941-1","SUSE-SU-2025:20942-1","SUSE-SU-2025:20943-1","SUSE-SU-2025:20944-1","SUSE-SU-2025:20945-1","SUSE-SU-2025:20946-1","SUSE-SU-2025:20947-1","SUSE-SU-2025:20949-1","SUSE-SU-2025:20950-1","SUSE-SU-2025:20951-1","SUSE-SU-2025:20952-1","SUSE-SU-2025:20953-1","SUSE-SU-2025:20955-1","SUSE-SU-2025:20956-1","SUSE-SU-2025:20957-1","SUSE-SU-2025:20959-1","SUSE-SU-2025:20960-1","SUSE-SU-2025:20972-1","SUSE-SU-2025:20973-1","SUSE-SU-2025:20974-1","SUSE-SU-2025:20975-1","SUSE-SU-2025:20977-1","SUSE-SU-2025:20978-1","SUSE-SU-2025:20980-1","SUSE-SU-2025:20981-1","SUSE-SU-2025:20982-1","SUSE-SU-2025:20983-1","SUSE-SU-2025:20984-1","SUSE-SU-2025:20985-1","SUSE-SU-2025:20986-1","SUSE-SU-2025:20987-1","SUSE-SU-2025:20988-1","SUSE-SU-2025:20989-1","SUSE-SU-2025:20991-1","SUSE-SU-2025:21074-1","SUSE-SU-2025:21139-1","SUSE-SU-2025:21179-1","SUSE-SU-2025:3878-1","SUSE-SU-2025:3880-1","SUSE-SU-2025:3886-1","SUSE-SU-2025:3888-1","SUSE-SU-2025:3892-1","SUSE-SU-2025:3927-1","SUSE-SU-2025:3932-1","SUSE-SU-2025:3935-1","SUSE-SU-2025:3936-1","SUSE-SU-2025:3983-1","SUSE-SU-2025:3987-1","SUSE-SU-2025:3995-1","SUSE-SU-2025:4000-1","SUSE-SU-2025:4001-1","SUSE-SU-2025:4016-1","SUSE-SU-2025:4024-1","SUSE-SU-2025:4031-1","SUSE-SU-2025:4036-1","SUSE-SU-2025:4040-1","SUSE-SU-2025:4043-1","SUSE-SU-2025:4046-1","SUSE-SU-2025:4050-1","SUSE-SU-2025:4056-1","SUSE-SU-2025:4058-1","SUSE-SU-2025:4059-1","SUSE-SU-2025:4062-1","SUSE-SU-2025:4063-1","SUSE-SU-2025:4064-1","SUSE-SU-2025:4078-1","SUSE-SU-2025:4123-1","SUSE-SU-2026:20149-1","SUSE-SU-2026:20164-1","SUSE-SU-2026:20169-1","openSUSE-SU-2025:20081-1"],"database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/38xxx/CVE-2025-38618.json"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/32950b1907919be86a7a2697d6f93d57068b3865"},{"type":"WEB","url":"https://git.kernel.org/stable/c/44bd006d5c93f6a8f28b106cbae2428c5d0275b7"},{"type":"WEB","url":"https://git.kernel.org/stable/c/8f01093646b49f6330bb2d36761983fd829472b1"},{"type":"WEB","url":"https://git.kernel.org/stable/c/aba0c94f61ec05315fa7815d21aefa4c87f6a9f4"},{"type":"WEB","url":"https://git.kernel.org/stable/c/c04a2c1ca25b9b23104124d3b2d349d934e302de"},{"type":"WEB","url":"https://git.kernel.org/stable/c/cf86704798c1b9c46fa59dfc2d662f57d1394d79"},{"type":"WEB","url":"https://git.kernel.org/stable/c/d1a5b1964cef42727668ac0d8532dae4f8c19386"},{"type":"WEB","url":"https://git.kernel.org/stable/c/d73960f0cf03ef1dc9e96ec7a20e538accc26d87"},{"type":"WEB","url":"https://git.kernel.org/stable/c/f138be5d7f301fddad4e65ec66dfc3ceebf79be3"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/38xxx/CVE-2025-38618.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-38618"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"d021c344051af91f42c5ba9fdedc176740cbd238"},{"fixed":"c04a2c1ca25b9b23104124d3b2d349d934e302de"},{"fixed":"d1a5b1964cef42727668ac0d8532dae4f8c19386"},{"fixed":"cf86704798c1b9c46fa59dfc2d662f57d1394d79"},{"fixed":"f138be5d7f301fddad4e65ec66dfc3ceebf79be3"},{"fixed":"44bd006d5c93f6a8f28b106cbae2428c5d0275b7"},{"fixed":"32950b1907919be86a7a2697d6f93d57068b3865"},{"fixed":"8f01093646b49f6330bb2d36761983fd829472b1"},{"fixed":"d73960f0cf03ef1dc9e96ec7a20e538accc26d87"},{"fixed":"aba0c94f61ec05315fa7815d21aefa4c87f6a9f4"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-38618.json"}}],"schema_version":"1.7.5"}