PT-2025-22220 · Linux+6 · Linux Kernel+6

Published

2025-05-08

·

Updated

2026-04-20

·

CVE-2025-37959

CVSS v3.1

5.5

Medium

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description A vulnerability in the Linux kernel has been resolved. The issue occurs when bpf redirect peer is used to redirect packets to a device in another network namespace, and the packet is not properly scrubbed, potentially leading to the misuse of packet information from one namespace in another. This can cause issues with traffic handling, such as dropping packets. The vulnerability is related to the preservation of XFRM state information in the packet's skb extensions across network namespace switches.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Exposure of Resource to Wrong Sphere

Weakness Enumeration

CWE-668

Related Identifiers

AZL-72572
BDU:2025-12272
CVE-2025-37959
DLA-4271-1
DSA-5925-1
ECHO-7073-E067-C5F7
MGASA-2025-0182
MGASA-2025-0183
OESA-2025-2120
OESA-2025-2121
OESA-2025-2122
SUSE-SU-2025:01964-1
SUSE-SU-2025:01965-1
SUSE-SU-2025:02000-1
SUSE-SU-2025:02254-1
SUSE-SU-2025:02307-1
SUSE-SU-2025:02333-1
SUSE-SU-2025:02923-1
SUSE-SU-2025:20408-1
SUSE-SU-2025:20413-1
SUSE-SU-2025:20419-1
SUSE-SU-2025:20421-1
SUSE-SU-2025_01964-1
SUSE-SU-2025_01965-1
SUSE-SU-2025_02000-1
SUSE-SU-2025_02254-1
SUSE-SU-2025_02307-1
SUSE-SU-2025_02333-1
USN-7699-1
USN-7699-2
USN-7721-1
USN-8028-1
USN-8028-2
USN-8028-3
USN-8028-4
USN-8028-5
USN-8028-6
USN-8028-7
USN-8028-8
USN-8031-1
USN-8031-2
USN-8031-3
USN-8052-1
USN-8052-2
USN-8074-1
USN-8074-2
USN-8126-1

Affected Products

Astra Linux
Debian
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu