CVE-2025-37789

May 1, 2025, 2:15 p.m.

None
No Score

Description

In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix nested key length validation in the set() action It's not safe to access nla_len(ovs_key) if the data is smaller than the netlink header. Check that the attribute is OK first.

Product(s) Impacted

Vendor Product Versions
Linux
  • Openvswitch
  • *

Weaknesses

Common security weaknesses mapped to this vulnerability.

Timeline

Published: May 1, 2025, 2:15 p.m.
Last Modified: May 1, 2025, 2:15 p.m.

Status : Received

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

416baaa9-dc9f-4396-8d5f-8c081fb06d67

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.