Vulnerabilities

CVE-2025-37789

by Fred · 01/05/2025

In the Linux kernel, the following vulnerability has been resolved:

net: openvswitch: fix nested key length validation in the set() action

It’s not safe to access nla_len(ovs_key) if the data is smaller than
the netlink header. Check that the attribute is OK first.

More information : https://git.kernel.org/stable/c/03d7262dd53e8c404da35cc81aaa887fd901f76b

Similar

Tags: Cybersecurity Alert