CVE-2025-37790

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2025-37790

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-37790.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2025-37790

Downstream

BELL-CVE-2025-37790

DEBIAN-CVE-2025-37790

DLA-4193-1

ECHO-3cea-533a-16cd

OESA-2025-1878

OESA-2025-1879

OESA-2025-1880

SUSE-SU-2025:01919-1

SUSE-SU-2025:01951-1

SUSE-SU-2025:01964-1

SUSE-SU-2025:01965-1

SUSE-SU-2025:01967-1

UBUNTU-CVE-2025-37790

USN-7594-1

USN-7594-2

USN-7594-3

USN-7654-1

USN-7654-2

USN-7654-3

USN-7654-4

USN-7654-5

USN-7655-1

USN-7686-1

USN-7711-1

USN-7712-1

USN-7712-2

Related

SUSE-SU-2025:01919-1
SUSE-SU-2025:01951-1
SUSE-SU-2025:01964-1
SUSE-SU-2025:01965-1
SUSE-SU-2025:01967-1

Published

2025-05-01T14:15:43Z

Modified

2025-08-09T20:01:26Z

Summary

[none]

Details

In the Linux kernel, the following vulnerability has been resolved:

net: mctp: Set SOCKRCUFREE

Bind lookup runs under RCU, so ensure that a socket doesn't go away in the middle of a lookup.

References

https://git.kernel.org/stable/c/3f899bd6dd56ddc46509b526e23a8f0a97712a6d
https://git.kernel.org/stable/c/52024cd6ec71a6ca934d0cc12452bd8d49850679
https://git.kernel.org/stable/c/5c1313b93c8c2e3904a48aa88e2fa1db28c607ae
https://git.kernel.org/stable/c/a8a3b61ce140e2b0a72a779e8d70f60c0cf1e47a
https://git.kernel.org/stable/c/b9764ebebb007249fb733a131b6110ff333b6616
https://git.kernel.org/stable/c/e3b5edbdb45924a7d4206d13868a2aac71f1e53d

CVE-2025-37790

Affected packages