TCP Vulnerability in Linux Kernel Affecting Socket Management
CVE-2025-39913

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
1 October 2025

What is CVE-2025-39913?

A vulnerability exists in the Linux kernel's TCP BPF implementation, where a failure to allocate memory for the 'psock->cork' structure during a data transmission can lead to improper handling of socket messages. This issue arises when a program attached to a SOCKMAP attempts to handle data smaller than specified bytes, but fails silently due to error conditions. When this occurs, necessary state changes made to socket buffer allocations are not reverted, potentially resulting in inconsistent behavior or crashes. The vulnerability was highlighted through syzbot findings, prompting a need for improved error handling routines to ensure robust socket management.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux 4f738adba30a7cfc006f605707e7aee847ffefa0 < 08f58d10f5abf11d297cc910754922498c921f91

Linux 4f738adba30a7cfc006f605707e7aee847ffefa0 < 05366527f44cf4b884f3d9462ae8009be9665856

Linux 4f738adba30a7cfc006f605707e7aee847ffefa0 < 7429b8b9bfbc276fd304fbaebc405f46b421fedf

References

https://git.kernel.org/stable/c/08f58d10f5abf11d297cc9107...
https://git.kernel.org/stable/c/05366527f44cf4b884f3d9462...
https://git.kernel.org/stable/c/7429b8b9bfbc276fd304fbaeb...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.