CVE-2025-37749

Updated: 2026-02-08 03:54:00.552771

Description:

In the Linux kernel, the following vulnerability has been resolved: net: ppp: Add bound checking for skb data on ppp_sync_txmung Ensure we have enough data in linear buffer from skb before accessing initial bytes. This prevents potential out-of-bounds accesses when processing short packets. When ppp_sync_txmung receives an incoming package with an empty payload: (remote) gef➤ p *(struct pppoe_hdr *) (skb->head + skb->network_header) $18 = { type = 0x1, ver = 0x1, code = 0x0, sid = 0x2, length = 0x0, tag = 0xffff8880371cdb96 } from the skb struct (trimmed) tail = 0x16, end = 0x140, head = 0xffff88803346f400 "4", data = 0xffff88803346f416 ":\377", truesize = 0x380, len = 0x0, data_len = 0x0, mac_len = 0xe, hdr_len = 0x0, it is not safe to access data[2]. [pabeni@redhat.com: fixed subj typo]


Links NIST CIRCL RHEL Ubuntu

Severity

Severity Score
CVSS Version 2.x 0.0
CVSS Version 3.x HIGH 7.1

Status

OS name Project name Version Score Severity Status Errata Last updated

Statement
AlmaLinux 9.2 ESU kernel 5.14.0 7.1 HIGH Released CLSA-2025:1764151168 2025-11-27 20:24:15
CentOS 6 ELS kernel 2.6.32 7.1 HIGH Not Vulnerable 2025-11-10 08:47:34
CentOS 7 ELS kernel 3.10.0 7.1 HIGH In Testing 2025-11-10 08:47:30
CentOS 8.4 ELS kernel 4.18.0 7.1 HIGH Needs Triage 2026-01-16 17:25:01
CentOS 8.5 ELS kernel 4.18.0 7.1 HIGH In Testing 2026-01-26 15:26:46
CentOS Stream 8 ELS kernel 4.18.0 7.1 HIGH Released CLSA-2026:1770032032 2026-02-02 16:16:34
CloudLinux 7 ELS kernel 3.10.0 7.1 HIGH Ignored 2025-12-27 05:33:56 CloudLinux 6 and 7 support is limited and provided on demand. We strongly recommend upgrading to Clo...
Oracle Linux 6 ELS kernel 2.6.32 7.1 HIGH Needs Triage 2025-11-10 06:21:47
Oracle Linux 7 ELS kernel 3.10.0 7.1 HIGH Needs Triage 2025-11-10 06:21:49
Oracle Linux 7 ELS kernel-uek 5.4.17 7.1 HIGH Released CLSA-2025:1757963029 2025-09-16 11:20:56
Total: 16