PT-2025-36277 · Linux+8 · Linux Kernel+8

Published: 2025-01-01 · Updated: 2026-05-22 · CVE-2025-39682

CVSS v3.1: 7.1 (High)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

Name of the Vulnerable Software and Affected Versions

Linux kernel (affected versions not specified)

Description

The Linux kernel contains an issue in the TLS implementation related to handling zero-length records on the rx list. Each recvmsg() call is designed to process either contiguous DATA records or a single non-DATA record. The code failed to correctly handle scenarios where a zero-length record was encountered after a zero-copy decryption, as the associated skb (socket buffer) was not available for queuing to the rx list. This could lead to unexpected behavior when processing subsequent records.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Allocation of Resources Without Limits

Buffer Overflow

Weakness Enumeration

Related identifiers

ALSA-2025:16880
ALSA-2025:16904
ALSA-2025_16880
ASB-A-440544511
AZL-67001
BDU:2025-12556
BDU:2025-12988
CVE-2025-39682
DLA-4328-1
DSA-6008-1
DSA-6009-1
ECHO-55C4-6CFD-DA78
INFSA-2025_16880
MGASA-2025-0234
MGASA-2025-0235
OESA-2026-2417
OESA-2026-2418
OPENSUSE-SU-2025:20081-1
RHSA-2025:19104
RHSA-2025:19223
RHSA-2025:19224
RHSA-2025_16880
SUSE-SU-2025:03600-1
SUSE-SU-2025:03601-1
SUSE-SU-2025:03602-1
SUSE-SU-2025:03633-1
SUSE-SU-2025:03634-1
SUSE-SU-2025:20851-1
SUSE-SU-2025:20861-1
SUSE-SU-2025:20870-1
SUSE-SU-2025:20898-1
SUSE-SU-2025:21074-1
SUSE-SU-2025:21139-1
SUSE-SU-2025:21179-1
SUSE-SU-2025:3725-1
SUSE-SU-2025:3751-1
SUSE-SU-2026:0144-1
SUSE-SU-2026:0145-1
SUSE-SU-2026:0146-1
SUSE-SU-2026:0148-1
SUSE-SU-2026:0171-1
SUSE-SU-2026:0202-1
SUSE-SU-2026:0203-1
SUSE-SU-2026:0209-1
SUSE-SU-2026:0262-1
SUSE-SU-2026:0269-1
SUSE-SU-2026:0270-1
SUSE-SU-2026:0274-1
SUSE-SU-2026:0283-1
SUSE-SU-2026:0284-1
SUSE-SU-2026:20149-1
SUSE-SU-2026:20164-1
SUSE-SU-2026:20169-1
SUSE-SU-2026:20248-1
SUSE-SU-2026:20249-1
SUSE-SU-2026:20250-1
SUSE-SU-2026:20251-1
SUSE-SU-2026:20252-1
SUSE-SU-2026:20253-1
SUSE-SU-2026:20254-1
SUSE-SU-2026:20255-1
SUSE-SU-2026:20256-1
SUSE-SU-2026:20257-1
SUSE-SU-2026:20258-1
SUSE-SU-2026:20259-1
SUSE-SU-2026:20260-1
SUSE-SU-2026:20261-1
SUSE-SU-2026:20264-1
SUSE-SU-2026:20265-1
SUSE-SU-2026:20266-1
SUSE-SU-2026:20376-1
SUSE-SU-2026:20377-1
SUSE-SU-2026:20378-1
SUSE-SU-2026:20379-1
SUSE-SU-2026:20380-1
SUSE-SU-2026:20381-1
SUSE-SU-2026:20382-1
SUSE-SU-2026:20385-1
SUSE-SU-2026:20392-1
SUSE-SU-2026:20393-1
SUSE-SU-2026:20394-1
SUSE-SU-2026:20395-1
SUSE-SU-2026:20396-1
SUSE-SU-2026:20397-1
SUSE-SU-2026:20398-1
SUSE-SU-2026:20399-1
SUSE-SU-2026:20400-1
USN-7833-1
USN-7833-2
USN-7833-3
USN-7833-4
USN-7834-1
USN-7835-1
USN-7835-2
USN-7835-3
USN-7835-4
USN-7835-5
USN-7835-6
USN-7856-1
USN-7887-1
USN-7887-2
USN-7940-1
USN-7940-2

Affected products

Almalinux
Debian
Linuxmint
Linux Kernel
Red Hat
Red Os
Rocky Linux
Suse
Ubuntu