AZL-64398 CVE-2025-38089 affecting package kernel for versions less than 6.6.96.1-1

🗓️ 30 Jun 2025 08:15:23Reported by GoogleType

osv

osv🔗 osv.dev

Linux kernel sunrpc vulnerability: handle SVC_GARBAGE as AUTH_ERROR with AUTH_BADCRED to prevent crashes.

Reporter	Title	Published	Views	Family All 310
IBM Security Bulletins	Security Bulletin: Vulnerabilities in kernel affects IBM Netezza Appliance	23 Apr 202610:51	–	ibm
IBM Security Bulletins	Security Bulletin: IBM DataPower Gateway affected by multiple vulnerabilities in OS kernel	15 Dec 202520:38	–	ibm
Tenable Nessus	Amazon Linux 2023 : bpftool, kernel6.12, kernel6.12-modules-extra (ALAS2023-2025-1080)	10 Jul 202500:00	–	nessus
Tenable Nessus	AlmaLinux 9 : kernel (ALSA-2025:11411)	23 Jul 202500:00	–	nessus
Tenable Nessus	AlmaLinux 10 : kernel (ALSA-2025:11428)	9 Oct 202500:00	–	nessus
Tenable Nessus	Azure Linux 3.0 Security Update: kernel (CVE-2025-38089)	22 Jan 202600:00	–	nessus
Tenable Nessus	MiracleLinux 9 : kernel-5.14.0-570.28.1.el9_6 (AXSA:2025-10762:55)	13 Jan 202600:00	–	nessus
Tenable Nessus	openSUSE 16 Security Update : kernel (openSUSE-SU-2025-20081-1)	2 Dec 202500:00	–	nessus
Tenable Nessus	Oracle Linux 9 : kernel (ELSA-2025-11411)	22 Jul 202500:00	–	nessus
Tenable Nessus	Oracle Linux 10 : kernel (ELSA-2025-11428)	23 Jul 202500:00	–	nessus

Source	Link
nvd	www.nvd.nist.gov/vuln/detail/CVE-2025-38089

21 Apr 2026 04:32Current

6.4Medium risk

Vulners AI Score6.4

CVSS 3.15.5

EPSS0.0005

linux kernel sunrpc protocol svc garbage handling authentication error authentication bad credentials remote crash