CVE-2025-37749
Published: May 1, 2025
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: net: ppp: Add bound checking for skb data on ppp_sync_txmung Ensure we have enough data in linear buffer from skb before accessing initial bytes. This prevents potential out-of-bounds accesses when processing short packets. When ppp_sync_txmung receives an incoming package with an empty payload: (remote) gef➤ p *(struct pppoe_hdr *) (skb->head + skb->network_header) $18 = { type = 0x1, ver = 0x1, code = 0x0, sid = 0x2, length = 0x0, tag = 0xffff8880371cdb96 } from the skb struct (trimmed) tail = 0x16, end = 0x140, head = 0xffff88803346f400 "4", data = 0xffff88803346f416 ":\377", truesize = 0x380, len = 0x0, data_len = 0x0, mac_len = 0xe, hdr_len = 0x0, it is not safe to access data[2]. [[email protected]: fixed subj typo]
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - < 529401c8f12ecc35f9ea5d946d5a5596cf172b48affected 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - < de5a4f0cba58625e88b7bebd88f780c8c0150997affected 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - < 99aa698dec342a07125d733e39aab4394b3b7e05affected 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - < b78f2b458f56a5a4d976c8e01c43dbf58d3ea2caaffected 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - < fbaffe8bccf148ece8ad67eb5d7aa852cabf59c8+4 more versions |
Linux | Linux | affected 2.6.12unaffected 0 - < 2.6.12unaffected 5.4.293 - <= 5.4.*unaffected 5.10.237 - <= 5.10.*unaffected 5.15.181 - <= 5.15.*+6 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now