CVE-2025-37789

Source
https://nvd.nist.gov/vuln/detail/CVE-2025-37789
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-37789.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2025-37789
Downstream
Related
Published
2025-05-01T14:15:43Z
Modified
2025-08-09T19:01:27Z
Summary
[none]
Details

In the Linux kernel, the following vulnerability has been resolved:

net: openvswitch: fix nested key length validation in the set() action

It's not safe to access nlalen(ovskey) if the data is smaller than the netlink header. Check that the attribute is OK first.

References

Affected packages