CVE-2025-37789

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2025-37789

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-37789.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2025-37789

Downstream

BELL-CVE-2025-37789

DEBIAN-CVE-2025-37789

DLA-4178-1

DLA-4193-1

ECHO-968f-e1fb-8a64

OESA-2025-2120

OESA-2025-2121

OESA-2025-2122

SUSE-SU-2025:01918-1

SUSE-SU-2025:01919-1

SUSE-SU-2025:01951-1

SUSE-SU-2025:01964-1

SUSE-SU-2025:01965-1

SUSE-SU-2025:01966-1

SUSE-SU-2025:01967-1

SUSE-SU-2025:01982-1

SUSE-SU-2025:01983-1

SUSE-SU-2025:02173-1

SUSE-SU-2025:02262-1

UBUNTU-CVE-2025-37789

USN-7594-1

USN-7594-2

USN-7594-3

USN-7654-1

USN-7654-2

USN-7654-3

USN-7654-4

USN-7654-5

USN-7655-1

USN-7686-1

USN-7711-1

USN-7712-1

USN-7712-2

Related

Published

2025-05-01T14:15:43Z

Modified

2025-08-09T19:01:27Z

Summary

[none]

Details

In the Linux kernel, the following vulnerability has been resolved:

net: openvswitch: fix nested key length validation in the set() action

It's not safe to access nlalen(ovskey) if the data is smaller than the netlink header. Check that the attribute is OK first.

References

CVE-2025-37789

Affected packages