Back to search
CVE-2025-37789
Published: May 1, 2025
Modified: May 11, 2026
PUBLISHED
Description
In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix nested key length validation in the set() action It's not safe to access nla_len(ovs_key) if the data is smaller than the netlink header. Check that the attribute is OK first.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected ccb1352e76cff0524e7ccb2074826a092dd13016 - < 54c6957d1123a2032099b9eab51c314800f677ceaffected ccb1352e76cff0524e7ccb2074826a092dd13016 - < 7fcaec0b2ab8fa5fbf0b45e5512364a168f445bdaffected ccb1352e76cff0524e7ccb2074826a092dd13016 - < a27526e6b48eee9e2d82efff502c4f272f1a91d4affected ccb1352e76cff0524e7ccb2074826a092dd13016 - < 1489c195c8eecd262aa6712761ba5288203e28ecaffected ccb1352e76cff0524e7ccb2074826a092dd13016 - < 824a7c2df5127b2402b68a21a265d413e78dcad7+3 more versions |
Linux | Linux | affected 3.3unaffected 0 - < 3.3unaffected 5.4.293 - <= 5.4.*unaffected 5.10.237 - <= 5.10.*unaffected 5.15.181 - <= 5.15.*+5 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now