CVE-2025-37997
- Source
- https://cve.org/CVERecord?id=CVE-2025-37997
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-37997.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2025-37997
- Downstream
- Related
- Published
- 2025-05-29T13:15:55.580Z
- Modified
- 2026-05-07T04:17:01.881770Z
- Summary
- netfilter: ipset: fix region locking in hash types
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
netfilter: ipset: fix region locking in hash types
Region locking introduced in v5.6-rc4 contained three macros to handle the region locks: ahashbucketstart(), ahashbucketend() which gave back the start and end hash bucket values belonging to a given region lock and ahash_region() which should give back the region lock belonging to a given hash bucket. The latter was incorrect which can lead to a race condition between the garbage collector and adding new elements when a hash type of set is defined with timeouts.
- Database specific
{ "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/37xxx/CVE-2025-37997.json", "cna_assigner": "Linux" }- References
-
- https://git.kernel.org/stable/c/00cfc5fad1491796942a948808afb968a0a3f35b
- https://git.kernel.org/stable/c/226ce0ec38316d9e3739e73a64b6b8304646c658
- https://git.kernel.org/stable/c/6e002ecc1c8cfdfc866b9104ab7888da54613e59
- https://git.kernel.org/stable/c/82c1eb32693bc48251d92532975e19160987e5b9
- https://git.kernel.org/stable/c/8478a729c0462273188263136880480729e9efca
- https://git.kernel.org/stable/c/a3dfec485401943e315c394c29afe2db8f9481d6
- https://git.kernel.org/stable/c/aa77294b0f73bb8265987591460cd25b8722c3df
- https://git.kernel.org/stable/c/e2ab67672b2288521a6146034a971f9a82ffc5c5
- https://lists.debian.org/debian-lts-announce/2025/08/msg00010.html
- https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/37xxx/CVE-2025-37997.json
- https://nvd.nist.gov/vuln/detail/CVE-2025-37997
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced5dd9488ae41070b69d2f4acb580f77db5705f9caFixed00cfc5fad1491796942a948808afb968a0a3f35b
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducedf66ee0410b1c3481ee75e5db9b34547b4d582465Fixed226ce0ec38316d9e3739e73a64b6b8304646c658Fixed82c1eb32693bc48251d92532975e19160987e5b9Fixedaa77294b0f73bb8265987591460cd25b8722c3dfFixeda3dfec485401943e315c394c29afe2db8f9481d6Fixede2ab67672b2288521a6146034a971f9a82ffc5c5Fixed6e002ecc1c8cfdfc866b9104ab7888da54613e59Fixed8478a729c0462273188263136880480729e9efca
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affecteda469bab3386aebff33c59506f3a95e35b91118fd
Linux / Kernel
Package
- Name
- Kernel
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed5.4.294
- Type
- ECOSYSTEM
- Events
-
Introduced5.5.0Fixed5.10.238
- Type
- ECOSYSTEM
- Events
-
Introduced5.6.0Fixed5.15.183
- Type
- ECOSYSTEM
- Events
-
Introduced5.11.0Fixed6.1.139
- Type
- ECOSYSTEM
- Events
-
Introduced5.16.0Fixed6.6.91
- Type
- ECOSYSTEM
- Events
-
Introduced6.2.0Fixed6.12.29
- Type
- ECOSYSTEM
- Events
-
Introduced6.7.0Fixed6.14.7