4 matches found
CVE-2025-37894
In the Linux kernel, the following vulnerability has been resolved: net: use sockgenput when skstate is TCPTIMEWAIT It is possible for a pointer of type struct inettimewaitsock to be returned from the functions inetlookupestablished and inet6lookupestablished. This can cause a crash when the...
CVE-2025-37894
CVE-2025-37894 affects the Linux kernel networking code: when sk_state is TCP_TIME_WAIT, a pointer of type inet_timewait_sock could be returned by __inet_lookup_established() or __inet6_lookup_established(), and calling sock_put() on it may crash (sk_wmem_alloc access in sk_free). The issue is mi...
CVE-2025-37894 net: use sock_gen_put() when sk_state is TCP_TIME_WAIT
In the Linux kernel, the following vulnerability has been resolved: net: use sockgenput when skstate is TCPTIMEWAIT It is possible for a pointer of type struct inettimewaitsock to be returned from the functions inetlookupestablished and inet6lookupestablished. This can cause a crash when the...
CVE-2025-37894 net: use sock_gen_put() when sk_state is TCP_TIME_WAIT
In the Linux kernel, the following vulnerability has been resolved: net: use sockgenput when skstate is TCPTIMEWAIT It is possible for a pointer of type struct inettimewaitsock to be returned from the functions inetlookupestablished and inet6lookupestablished. This can cause a crash when the...