Buffer Overflow Vulnerability in Linux Kernel's Vsock Handling
CVE-2025-39718
What is CVE-2025-39718?
A vulnerability exists in the Linux kernel's processing of vsock packets. When a packet is received in the guest, the virtqueue buffer size is validated before virtio_vsock_skb_rx_put() is called, but that function uses the length taken from the packet header. If that length is manipulated or inaccurate, it may lead to a buffer overflow, potentially compromising the stability and security of the system. Validating the packet header length before invoking virtio_vsock_skb_rx_put() is crucial to mitigating this vulnerability.
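The two checks described above, as an added userspace model in C. This is not kernel code and not the upstream patch; `model_hdr`, `model_rx`, `demo` and the 64-byte buffer are hypothetical names and constructed values used only to show why the buffer-size check alone does not bound a length read from the header.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define BUF_SIZE 64                      /* constructed receive-buffer size */

/* Simplified stand-in for the packet header; only the length field matters here. */
struct model_hdr { uint32_t payload_len; };

enum { RX_OK = 0, RX_BAD_BUF = -1, RX_BAD_HDR_LEN = -2 };

/* used_len is the byte count reported for the receive buffer;
 * hdr.payload_len is what the sender claims. Both must be checked. */
static int model_rx(const uint8_t *buf, size_t used_len,
                    uint8_t *out, size_t out_cap, size_t *out_len)
{
    struct model_hdr hdr;

    /* Check 1: buffer-size validation only. */
    if (used_len < sizeof(hdr) || used_len > BUF_SIZE)
        return RX_BAD_BUF;
    memcpy(&hdr, buf, sizeof(hdr));

    /* Check 2: header length must fit the bytes received and the destination.
     * Skipping this lets a header value drive the copy past the buffer. */
    if (hdr.payload_len > used_len - sizeof(hdr) || hdr.payload_len > out_cap)
        return RX_BAD_HDR_LEN;

    memcpy(out, buf + sizeof(hdr), hdr.payload_len);
    *out_len = hdr.payload_len;
    return RX_OK;
}

/* Build a constructed packet: `claimed` goes in the header, `actual` bytes follow. */
static int demo(uint32_t claimed, size_t actual)
{
    uint8_t buf[BUF_SIZE] = {0}, out[BUF_SIZE];
    struct model_hdr hdr = { .payload_len = claimed };
    size_t out_len = 0;

    memcpy(buf, &hdr, sizeof(hdr));
    return model_rx(buf, sizeof(hdr) + actual, out, sizeof(out), &out_len);
}

int main(void)
{
    printf("consistent header: %d\n", demo(16, 16));
    printf("inflated header:   %d\n", demo(4096, 16));
    printf("oversized buffer:  %d\n", demo(8, 100));
    return 0;
}
```

The inflated-header case passes the buffer-size check and is rejected only by the header-length check, which is the ordering the description calls for.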
Affected Version(s)
Linux baddcc2c71572968cdaeee1c4ab3dc0ad90fa765 < 969b06bd8b7560efb100a34227619e7d318fbe05
Linux 71dc9ec9ac7d3eee785cdc986c3daeb821381e20