Linux Kernel Vulnerability in Open vSwitch Affecting Attribute Parsing
CVE-2025-37998

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
29 May 2025

What is CVE-2025-37998?

A vulnerability has been identified in the Open vSwitch component of the Linux kernel regarding unsafe attribute parsing during the handling of userspace output. This flaw occurred due to manual Netlink attribute iteration in the output_userspace() function, risking the processing of ill-formed attributes. A patch has been implemented to enhance security by utilizing nla_for_each_nested(), effectively ensuring that only well-structured attributes are handled. Users are advised to update their Open vSwitch installations to the latest version to mitigate potential risks associated with this vulnerability.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux ccb1352e76cff0524e7ccb2074826a092dd13016 < 6712dc21506738f5f22b4f68b7c0d9e0df819dbd

Linux ccb1352e76cff0524e7ccb2074826a092dd13016 < 06b4f110c79716c181a8c5da007c259807840232

Linux ccb1352e76cff0524e7ccb2074826a092dd13016 < 47f7f00cf2fa3137d5c0416ef1a71bdf77901395

References

https://git.kernel.org/stable/c/6712dc21506738f5f22b4f68b...
https://git.kernel.org/stable/c/06b4f110c79716c181a8c5da0...
https://git.kernel.org/stable/c/47f7f00cf2fa3137d5c0416ef...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.