CVE-2025-37939

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A potential buffer read overflow issue has been identified in the Linux kernel, specifically in the libbpf component. The issue arises when accessing the BTF.ext core relo header without ensuring its presence, which could lead to a buffer read overflow. This issue was reported by the OSS Fuzz project. The fix involves updating the btf ext parse info() function to verify the presence of the core relo header before reading its fields.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.