CVE-2025-39718
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2025-39718
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-39718.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2025-39718
- Downstream
- Related
- Published
- 2025-09-05T18:15:49Z
- Modified
- 2025-09-22T22:01:12Z
- Summary
- [none]
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
vsock/virtio: Validate length in packet header before skb_put()
When receiving a vsock packet in the guest, only the virtqueue buffer size is validated prior to virtiovsockskbrxput(). Unfortunately, virtiovsockskbrxput() uses the length from the packet header as the length argument to skb_put(), potentially resulting in SKB overflow if the host has gone wonky.
Validate the length as advertised by the packet header before calling virtiovsockskbrxput().
- References
-
- https://git.kernel.org/stable/c/0dab92484474587b82e8e0455839eaf5ac7bf894
- https://git.kernel.org/stable/c/676f03760ca1d69c2470cef36c44dc152494b47c
- https://git.kernel.org/stable/c/969b06bd8b7560efb100a34227619e7d318fbe05
- https://git.kernel.org/stable/c/ee438c492b2e0705d819ac0e25d04fae758d8f8f
- https://git.kernel.org/stable/c/faf332a10372390ce65d0b803888f4b25a388335