๐Ÿ” CVE Alert

CVE-2025-37749

UNKNOWN 0.0

net: ppp: Add bound checking for skb data on ppp_sync_txmung

CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th

In the Linux kernel, the following vulnerability has been resolved: net: ppp: Add bound checking for skb data on ppp_sync_txmung Ensure we have enough data in linear buffer from skb before accessing initial bytes. This prevents potential out-of-bounds accesses when processing short packets. When ppp_sync_txmung receives an incoming package with an empty payload: (remote) gefโžค p *(struct pppoe_hdr *) (skb->head + skb->network_header) $18 = { type = 0x1, ver = 0x1, code = 0x0, sid = 0x2, length = 0x0, tag = 0xffff8880371cdb96 } from the skb struct (trimmed) tail = 0x16, end = 0x140, head = 0xffff88803346f400 "4", data = 0xffff88803346f416 ":\377", truesize = 0x380, len = 0x0, data_len = 0x0, mac_len = 0xe, hdr_len = 0x0, it is not safe to access data[2]. [[email protected]: fixed subj typo]

Vendor linux
Product linux
Ecosystems
Industries
Technology
Published May 1, 2025
Last Updated May 11, 2026
Stay Ahead of the Next One

Get instant alerts for linux linux

Be the first to know when new unknown vulnerabilities affecting linux linux are published โ€” delivered to Slack, Telegram or Discord.

Get Free Alerts โ†’ Free ยท No credit card ยท 60 sec setup

Affected Versions

Linux / Linux
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 529401c8f12ecc35f9ea5d946d5a5596cf172b48 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < de5a4f0cba58625e88b7bebd88f780c8c0150997 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 99aa698dec342a07125d733e39aab4394b3b7e05 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < b78f2b458f56a5a4d976c8e01c43dbf58d3ea2ca 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < fbaffe8bccf148ece8ad67eb5d7aa852cabf59c8 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < b4c836d33ca888695b2f2665f948bc1b34fbd533 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 1f6eb9fa87a781d5370c0de7794ae242f1a95ee5 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 6e8a6bf43cea4347121ab21bb1ed8d7bef7e732e 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < aabc6596ffb377c4c9c8f335124b92ea282c9821
Linux / Linux
2.6.12

References

NVD โ†— CVE.org โ†— EPSS Data โ†—
git.kernel.org: https://git.kernel.org/stable/c/529401c8f12ecc35f9ea5d946d5a5596cf172b48 git.kernel.org: https://git.kernel.org/stable/c/de5a4f0cba58625e88b7bebd88f780c8c0150997 git.kernel.org: https://git.kernel.org/stable/c/99aa698dec342a07125d733e39aab4394b3b7e05 git.kernel.org: https://git.kernel.org/stable/c/b78f2b458f56a5a4d976c8e01c43dbf58d3ea2ca git.kernel.org: https://git.kernel.org/stable/c/fbaffe8bccf148ece8ad67eb5d7aa852cabf59c8 git.kernel.org: https://git.kernel.org/stable/c/b4c836d33ca888695b2f2665f948bc1b34fbd533 git.kernel.org: https://git.kernel.org/stable/c/1f6eb9fa87a781d5370c0de7794ae242f1a95ee5 git.kernel.org: https://git.kernel.org/stable/c/6e8a6bf43cea4347121ab21bb1ed8d7bef7e732e git.kernel.org: https://git.kernel.org/stable/c/aabc6596ffb377c4c9c8f335124b92ea282c9821 lists.debian.org: https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html lists.debian.org: https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html