CVE-2025-37998 | THREATINT

Description

In the Linux kernel, the following vulnerability has been resolved: openvswitch: Fix unsafe attribute parsing in output_userspace() This patch replaces the manual Netlink attribute iteration in output_userspace() with nla_for_each_nested(), which ensures that only well-formed attributes are processed.

Reserved 2025-04-16 | Published 2025-05-29 | Updated 2025-05-29 | Assigner Linux

Product status

Default status

unaffected

ccb1352e76cff0524e7ccb2074826a092dd13016 before 47f7f00cf2fa3137d5c0416ef1a71bdf77901395

affected

ccb1352e76cff0524e7ccb2074826a092dd13016 before bca8df998cce1fead8cbc69144862eadc2e34c87

affected

ccb1352e76cff0524e7ccb2074826a092dd13016 before 0236742bd959332181c1fcc41a05b7b709180501

affected

ccb1352e76cff0524e7ccb2074826a092dd13016 before ec334aaab74705cc515205e1da3cb369fdfd93cd

affected

ccb1352e76cff0524e7ccb2074826a092dd13016 before 4fa672cbce9c86c3efb8621df1ae580d47813430

affected

ccb1352e76cff0524e7ccb2074826a092dd13016 before 6beb6835c1fbb3f676aebb51a5fee6b77fed9308

affected

Default status

affected

3.3

affected

Any version before 3.3

unaffected

5.15.183

unaffected

6.1.139

unaffected

6.6.91

unaffected

6.12.29

unaffected

6.14.7

unaffected

6.15

unaffected

References

git.kernel.org/...c/47f7f00cf2fa3137d5c0416ef1a71bdf77901395

git.kernel.org/...c/bca8df998cce1fead8cbc69144862eadc2e34c87

git.kernel.org/...c/0236742bd959332181c1fcc41a05b7b709180501

git.kernel.org/...c/ec334aaab74705cc515205e1da3cb369fdfd93cd

git.kernel.org/...c/4fa672cbce9c86c3efb8621df1ae580d47813430

git.kernel.org/...c/6beb6835c1fbb3f676aebb51a5fee6b77fed9308

cve.org (CVE-2025-37998)

nvd.nist.gov (CVE-2025-37998)

Download JSON