CVE-2025-37756

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description An issue in the Linux kernel allows for the disconnection of a TLS socket, which can lead to unexpected corner cases and a denial of service. This is caused by insufficient input validation in the tls main.c component. Technical analysis indicates that the problem manifests as a warning in the tls strp msg load() function, specifically within the net/tls/tls strp.c file.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

BDU:2025-11935

CVE-2025-37756

DLA-4178-1

DLA-4193-1

ECHO-C6E4-8052-9DD3

SUSE-SU-2025:02249-1

SUSE-SU-2025:02254-1

SUSE-SU-2025:02307-1

SUSE-SU-2025:02333-1

SUSE-SU-2025:02334-1

SUSE-SU-2025:02335-1

SUSE-SU-2025:02538-1

SUSE-SU-2025:02923-1

SUSE-SU-2025:20475-1

SUSE-SU-2025:20483-1

SUSE-SU-2025:20493-1

SUSE-SU-2025:20498-1

SUSE-SU-2025_02249-1

SUSE-SU-2025_02254-1

SUSE-SU-2025_02307-1

SUSE-SU-2025_02333-1

SUSE-SU-2025_02334-1

SUSE-SU-2025_02335-1

SUSE-SU-2025_02538-1

USN-7594-1

USN-7594-2

USN-7594-3

USN-7654-1

USN-7654-2

USN-7654-3

USN-7654-4

USN-7654-5

USN-7655-1

USN-7686-1

USN-7711-1

USN-7712-1

USN-7712-2

USN-7792-1

USN-7792-2

USN-7792-3

USN-7799-1

USN-7800-1

USN-7801-1

USN-7801-2

USN-7801-3

USN-7808-1

USN-7808-2

USN-7809-1

Affected Products

Astra Linux

Debian

Linuxmint

Linux Kernel

Red Os

Suse

Ubuntu

CVE-2025-37756

Weakness Enumeration

Related Identifiers

Affected Products

References · 1925