Checksum Offload Error in Linux Kernel Affects Network Integrity
CVE-2025-40337
What is CVE-2025-40337?
A vulnerability in the Linux kernel's stmmac driver could allow corrupt packets to bypass validation due to improper handling of checksum offload errors. The stmmac_rx function incorrectly set the skb->ip_summed status, failing to account for hardware-reported checksum errors. This mismanagement could result in the network stack processing invalid packets as valid. A recent patch rectifies this issue by ensuring the kernel accurately checks the status flag indicating a checksum error, thereby enabling it to properly validate packets and maintain network integrity.
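A user-space C model of the receive-path decision described above, added here as an illustration and not taken from the stmmac driver or its patch. The names rx_mark_before, rx_mark_after, stack_accepts and RX_HW_CSUM_ERR are hypothetical, the header bytes are constructed, and software validation is reduced to the IPv4 header checksum.

```c
#include <stdint.h>
#include <string.h>
/* User-space model. Function and flag names are illustrative, not the driver's. */
enum ip_summed { CHECKSUM_NONE = 0, CHECKSUM_UNNECESSARY = 1 };
#define RX_HW_CSUM_ERR 0x1u /* hypothetical bit: hardware reported a checksum error */

/* RFC 1071 Internet checksum over an even-length buffer; 0 means it verifies. */
static uint16_t inet_csum(const uint8_t *p, size_t len)
{
    uint32_t sum = 0;
    for (size_t i = 0; i + 1 < len; i += 2)
        sum += ((uint32_t)p[i] << 8) | p[i + 1];
    while (sum >> 16)
        sum = (sum & 0xffff) + (sum >> 16);
    return (uint16_t)~sum;
}

/* Before the fix, as described: offload enabled means the frame is trusted. */
static enum ip_summed rx_mark_before(int coe, uint32_t status)
{
    (void)status; /* the hardware error bit is never consulted */
    return coe ? CHECKSUM_UNNECESSARY : CHECKSUM_NONE;
}

/* After the fix: a hardware-reported error forces software validation. */
static enum ip_summed rx_mark_after(int coe, uint32_t status)
{
    return (!coe || (status & RX_HW_CSUM_ERR)) ? CHECKSUM_NONE : CHECKSUM_UNNECESSARY;
}

/* Stack side of the model: only CHECKSUM_NONE frames are verified. 1 = accepted. */
static int stack_accepts(enum ip_summed mark, const uint8_t *hdr, size_t len)
{
    return mark == CHECKSUM_UNNECESSARY || inet_csum(hdr, len) == 0;
}

/* Constructed 20-byte IPv4 header (192.0.2.1 -> 192.0.2.2), checksum 0xb6a5. */
static const uint8_t good_hdr[20] = {
    0x45, 0x00, 0x00, 0x54, 0x00, 0x00, 0x40, 0x00, 0x40, 0x01,
    0xb6, 0xa5, 0xc0, 0x00, 0x02, 0x01, 0xc0, 0x00, 0x02, 0x02 };
/* Returns 1 if a corrupted, hardware-flagged frame is accepted as valid. */
int corrupt_frame_accepted(int fixed)
{
    uint8_t bad[20];
    memcpy(bad, good_hdr, sizeof bad);
    bad[8] ^= 0x01; /* flip a TTL bit so the header checksum no longer verifies */
    enum ip_summed mark = (fixed ? rx_mark_after : rx_mark_before)(1, RX_HW_CSUM_ERR);
    return stack_accepts(mark, bad, sizeof bad);
}
```

With the pre-fix marking the corrupted header is accepted because validation is skipped; with the post-fix marking the software check runs and rejects it.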
Affected Version(s)
Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 63fbe0e6413279d5ea5842e2423e351ded547683
Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 719fcdf29051f7471d5d433475af76219019d33d
Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 1aa319e0f12d2d761a31556b82a5852c98eb0bea