Checksum Offload Error in Linux Kernel Affects Network Integrity
CVE-2025-40337

Currently unrated

Key Information:

Vendor: Linux

Status
Vendor
CVE Published: 9 December 2025

What is CVE-2025-40337?

A vulnerability in the Linux kernel's stmmac driver could allow corrupt packets to bypass validation because checksum offload errors were handled improperly. The stmmac_rx function set skb->ip_summed without accounting for hardware-reported checksum errors, so the network stack could process invalid packets as valid. A recent patch fixes this by making the kernel check the status flag that indicates a checksum error, so that such packets are properly validated and network integrity is maintained.
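The decision described above, modelled in user space as an added example (it is not the kernel patch or the stmmac driver's code). The `RX_CSUM_ERR` status bit, the `summed` enum, the function names and the two sample frames are assumptions constructed for illustration.

```c
/* User-space model of the RX checksum decision; not kernel or driver code. */
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Models the meaning of the kernel's CHECKSUM_NONE / CHECKSUM_UNNECESSARY. */
enum summed { SUMMED_NONE, SUMMED_UNNECESSARY };
#define RX_CSUM_ERR 0x1u /* hypothetical "hardware saw a bad checksum" bit */

/* RFC 1071 ones'-complement sum; 0xffff means the embedded checksum holds. */
static uint16_t inet_sum(const uint8_t *d, size_t n)
{
    uint32_t s = 0;
    for (size_t i = 0; i + 1 < n; i += 2)
        s += ((uint32_t)d[i] << 8) | d[i + 1];
    if (n & 1)
        s += (uint32_t)d[n - 1] << 8;
    while (s >> 16)
        s = (s & 0xffff) + (s >> 16);
    return (uint16_t)s;
}

/* Driver RX path; fixed=false ignores the status word (the flaw above). */
static enum summed rx_mark(bool offload, unsigned status, bool fixed)
{
    if (!offload || (fixed && (status & RX_CSUM_ERR)))
        return SUMMED_NONE;          /* stack must verify in software */
    return SUMMED_UNNECESSARY;       /* stack trusts the hardware */
}

/* Receive one frame: simulated NIC verdict, driver marking, stack decision. */
bool stack_accepts(const uint8_t *d, size_t n, bool offload, bool fixed)
{
    bool valid = inet_sum(d, n) == 0xffff;
    unsigned status = valid ? 0 : RX_CSUM_ERR;
    enum summed m = rx_mark(offload, status, fixed);
    return m == SUMMED_UNNECESSARY || valid; /* software check otherwise */
}

/* Constructed samples: four data bytes followed by their checksum. */
const uint8_t good_frame[6] = {0x45, 0x00, 0x00, 0x1c, 0xba, 0xe3};
const uint8_t bad_frame[6]  = {0x45, 0x00, 0x00, 0x1d, 0xba, 0xe3}; /* bit flipped */

int main(void)
{
    printf("corrupt frame accepted: before=%d after=%d\n",
           stack_accepts(bad_frame, 6, true, false), stack_accepts(bad_frame, 6, true, true));
    return 0;
}
```

With offload enabled, the unfixed path accepts the corrupted frame because the stack never recomputes the checksum; once the status bit is honoured, the frame falls back to software verification and is rejected.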

Affected Version(s)

Linux 3c20f72f9108b2fcf30ec63d8a4203736c01ccd0 < 63fbe0e6413279d5ea5842e2423e351ded547683

Linux 3c20f72f9108b2fcf30ec63d8a4203736c01ccd0 < 719fcdf29051f7471d5d433475af76219019d33d

Linux 3c20f72f9108b2fcf30ec63d8a4203736c01ccd0 < 1aa319e0f12d2d761a31556b82a5852c98eb0bea

Timeline

  • Vulnerability published

  • Vulnerability Reserved